Guest

Preview Tool

Cisco Bug: CSCvt93736 - CTS (Cisco TrustSec) does not request RBACL for valid SGT

Last Modified

May 05, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

16.12.2s

Description (partial)

Symptom:
- switch does not download RBACL from ISE for valid SGT even if RBACL is correctly configured on ISE

Conditions:
- SGT is correctly configured on the switch (statically / dynamically) and visible in output of "show cts role-based sgt-map [vrf ...] all"
- SGT is missing in the output of: "show cts authorization entries | in Peer"
- request for RBACL for given SGT is not sent from switch towards ISE when CTS policy is refreshed via 'cts refresh policy'
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.