Cisco Bug: CSCvt51349 - Fragmented packets forwarded to fragment owner are not visible on data interface captures
Oct 06, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: If a cluster unit, say unit A, has captures enabled on ingress data interface and receives fragmented packets that are then forwarded to the fragment owner over the cluster control link (CCL), then these fragmented packets are not visible on data interface captures on unit A but are only visible on the CCL captures on unit A. Conditions: - ASA/FTD applications running on the ASA or Firepower (NGFW) appliances in clustered deployment, routed or transparent firewall modes, and/or single or multi-context modes (only for ASA). - Ingress data interface capture is configured. - Fragmented packets are received on an ingress interface, but not processed locally, instead are forwarded to the fragment owner over the CCL link.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases