Cisco Bug: CSCvu65669 - Traffic drop from branch overlay ping to service side without zp vpn1 to vpn1 when FW & IPS enabled
Sep 12, 2020
- Cisco XE SD-WAN Routers
Known Affected Releases
Symptom: Firewall is enabled in inspection mode from vrf 10 to the outside zone. The traffic source and destination are both in vrf 10, and no firewall is enabled for this traffic. The scenario is as follows:
- With only firewall --> All incoming/outgoing traffic works
- With only IPS --> All incoming/outgoing traffic works
- With firewall & IPS --> All incoming ICMP traffic drops with Firewall_policy

Conditions: All incoming traffic drops with Firewall_policy when the firewall is enabled between VPNs to the outside zone.