OPERATIONAL DEFECT DATABASE
...
...
%CTS-2-AUTHZ_POLICY_SGACL_ACE_FAILED: Failed to download ACEs for SGACL 'TCP_SGACL_101' for SGT=164-69:Server164 due to ACE 'missing/incomplete' error
On the fresh device directly download 20*100 matrix with CoA operation Once all the policies being downloaded perform "no cts role-based enforcement" / "cts role-based enforcement"
None
FF-9200#show debugging General OS: AAA CoA packet processing debugging is on Packet Infra debugs: Ip Address Port ------------------------------------------------------|---------- CTS: CTS CoA event debugging is on Radius protocol debugging is on Radius packet protocol debugging is on Radius table debugging is on FF-9200# FF-9200#show run | s enfor cts role-based enforcement cts role-based enforcement vlan-list 1041,2041 FF-9200# FF-9200#show cts role-based sgt-map summ -IPv4- IP-SGT Active Bindings Summary ============================================ Total number of CLI bindings = 104 Total number of LOCAL bindings = 1001 Total number of INTERNAL bindings = 5 Total number of active bindings = 1110 -IPv6- IP-SGT Active Bindings Summary ============================================ Total number of active bindings = 0 FF-9200#show cts ro per | c IPv4 Role-based permissions Number of lines which match regexp = 2001 FF-9200# FF-9200#show logg | in missing/incomplete May 7 14:22:57.975: %CTS-2-AUTHZ_POLICY_SGACL_ACE_FAILED: Failed to download ACEs for SGACL 'TCP_SGACL_101' for SGT=164-69:Server164 due to ACE 'missing/incomplete' error FF-9200#
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
