Guest

Preview Tool

Cisco Bug: CSCvt27565 - Quarantine IP Interface feature usage is causing centralized PVO enable button grey out on ESA

Last Modified

Jun 24, 2020

Products (1)

  • Cisco Content Security Management Appliance

Known Affected Releases

12.5.0-635 13.0.0-229 13.0.0-249

Description (partial)

Symptom:
unable to enable centralized policy quarantine on the ESA if you used another interface for the quarantine from the SMA when the ESA has another interface on the same subnet

this is because the ESA will use the management to connect to the SMA, but when it is trying to reach the interface of the quarantine it will use the other interface that is in the same subner and the SMA then rejects it as it does not recognize 
there is no configurable way to allow the SMA to accept the connections from the second interface thus the communication fails and it is not possible to enable the PVO centralized quarantine

Conditions:
SMA using other interface than the management for PVO quarantine
And ESA having another interface on the same subnet other than the one used for SMA connection
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.