Guest

Preview Tool

Cisco Bug: CSCvt82613 - IOS-XE: ACL on Management Interface ignoring ICMP-Type information.

Last Modified

Aug 29, 2020

Products (14)

  • Cisco ASR 1000 Series Aggregation Services Routers
  • Cisco 4221 Integrated Services Router
  • Cisco ASR 1000 Series IOS XE SD-WAN
  • Cisco ASR 1002-X Router
  • Cisco 4331 Integrated Services Router
  • Cisco 4321 Integrated Services Router
  • Cisco ASR 1001-X Router
  • Cisco 4351 Integrated Services Router
  • Cisco ASR 1002-HX Router
  • Cisco ISR 4000 Series IOS XE SD-WAN
View all products in Bug Search Tool Login Required

Known Affected Releases

16.12.1 16.9.4

Description (partial)

Symptom:
The switch stops to respond ICMP requests through the management port with an access list configured to block only ICMP timestamp-request and timestamp-reply packets (The ACL blocks all ICMP traffic).

Access list:    
 10 deny icmp any any timestamp-request
 20 deny icmp any any timestamp-reply
 30 permit ip any any

Conditions:
The problem has only been seen in Fuji 16.9.4 and Gibraltar 16.12.1.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.