Guest

Preview Tool

Cisco Bug: CSCvt23004 - CSM is Deploying the wrong RAVPN protocol after RAVPN configuration Discovery

Last Modified

Jun 08, 2020

Products (1)

  • Cisco Security Manager

Known Affected Releases

4.19(0)SP1

Description (partial)

Symptom:
Whenever you add a device to the CSM which has configured WEBVPN group-policies, CSM import wrongly the protocols, causing network down during the first deployment.

By default on ASA under the group policy the "ssl-client" is the tunnel protocol. It is not showing up on the config, because it is a "default" setting. However because CSM cannot load the "vpn-tunnel-protocol" command, it uses its own default setting which are 'ikev1 ikev2 ssl-clientless".

This is wrong because during the first deployment the "ssl-client" protocol will be disabled with other settings.

Conditions:
CSM 4.19 (SP1)
ASA Device
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.