Guest

Preview Tool

Cisco Bug: CSCvs77570 - SGACL created on ISE with hyphen "permit tcp dst eq 32767-65535" is not understood by ASR1K

Last Modified

Feb 26, 2020

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

2.3(0.907)

Description (partial)

Symptom:
SGACL created on ISE which include a hyphen on the ACL Content; example: "permit tcp dst eq 32767-65535" is not understood/honoured by ASR1K running version 16.9.2
ASR1K downloads all SGACLs when you do a "show cts rbacl"; however, when you do a show cts role-based permissions, these SGACLs with hyphens are missing and not downloaded on the ASR1K

Conditions:
ASR1K running 16.9.2 with ISE version 2.3 patch 7.
This could be an issue with other switches/routers and ISE versions too.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.