Guest

Preview Tool

Cisco Bug: CSCvs59966 - false reported value for OID "cipSecGlobalActiveTunnels" - same as ASDM

Last Modified

Jan 24, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

2.6(1) 9.12(2.9)

Description (partial)

Symptom:
false reported value for OID "cipSecGlobalActiveTunnels" - same as ASDM -  
happen after update of FXOS to 2.6.1.174 and ASA to 9.12.2.9 and are using ASDM 7.12.2.

*   ASA is reading this value from the below output ( not show vpn-sessiondb summary as expected ) :

Primary ( Active ):
      ------------------ show ipsec stats ------------------
IPsec Global Statistics
-----------------------
Active tunnels: 1300
Previous tunnels: 2049674
Inbound


Secondary ( standby ) :
      ------------------ show ipsec stats ------------------
IPsec Global Statistics
-----------------------
Active tunnels: 553
Previous tunnels: 2049658


*   More details for this OID as :

  https://snmp.cloudapps.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=1.3.6.1.4.1.9.9.171.1.3.1.1&translate=Translate&submitValue=SUBMIT



Object      cipSecGlobalActiveTunnels

OID   1.3.6.1.4.1.9.9.171.1.3.1.1

Type  Gauge32

Permission  read-only

Status      current

MIB   CISCO-IPSEC-FLOW-MONITOR-MIB ;   -   View Supporting Images this link will generate a new window

Description "The total number of currently active IPsec Phase-2 Tunnels."

Conditions:
after update of FXOS to 2.6.1.174 and ASA to 9.12.2.9 and are using ASDM 7.12.2.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.