Guest

Preview Tool

Cisco Bug: CSCvs72114 - Config compliance for EPG raises Verified event if the corresponding EPG doesn't have an attribute

Last Modified

Sep 29, 2020

Products (1)

  • Cisco Network Assurance Engine

Known Affected Releases

5.0(0)

Description (partial)

Symptom:
Config compliance for EPGs checks, if certain attributes are set to some expected values for a group of EPGs.
These attributes currently are the QoS flag, Preferred Group membership and Intra EPG isolation.

The Intra EPG isolation attributes however only exists for AppEPGs. When a requirement with this attributes is checked for other types of EPGs it is considered as enforced, hence it will trigger an enforcement event if no other violations are present. However, the event will only list attributes that actually exist on the UI. As a cornercase, where the intra epg isolation attribute is the only attribute that's set in the requirement, the corresponding enforcement event will thus be empty.

Conditions:
This issue occurs when the EPG selector of a Config Compliance Requirement is also selecting EPGs that are not of type AppEPG and the requirement defines a check for the Intra-EPG Isolation attribute.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.