Cisco Bug: CSCvu26854 - Multiple Issues After Upgrade Without Switchover With IPSec Enabled Until IPTables Restarted
Oct 16, 2020
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptom: While doing an upgrade without switch version, the upgrade completes successfully but many ports on the active version are blocked so various services are unreachable. The following issues have been observed due to this: 1. Subscriber upgrades fail 2. GUI / Tomcat webapps inaccessible (including web pages, AXL, UDS, etc...) 3. TFTP inaccessible 4. If phones are reset, they won't re-register SSH access still works, so the workaround listed below can be performed without issue. Conditions: This has been seen on systems with IPSec enabled on both FIPS and nonFIPS mode. It only happens when upgrades are performed without automatic switch version. If the switch version is done as part of the upgrade, no issues are seen.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases