Guest

Preview Tool

Cisco Bug: CSCvu71702 - ASA anyconnect radius ipv6 dacl not working

Last Modified

Oct 22, 2020

Products (1)

  • Cisco Adaptive Security Appliance (ASA) Software

Known Affected Releases

9.13(1) 9.4 9.8

Description (partial)

Symptom:
IPv6 downlodable access-list (DACL) pushed from ISE doesn't get applied as vpn-filter for AnyConnect user connected to ASA.
The following error log appears:

%ASA-3-109019: Downloaded ACL 'AAA-user-TEST' has parsing error; ACE: 'ipv6:CiscoSecure-Defined-ACL=#ACSACL#-IPV6-Permit_any6-5ee1c7f0'; Unsupported ACL type

Conditions:
IPv6 DACL pushed via Radius from ISE to ASA for AnyConnect user
Anyconnect Remote Access VPN
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.