BugZero | Cisco BugID CSCwh95119 - secure-internet-gateway tunnels show no output for...

Cisco - Defect ID: CSCwh95119

secure-internet-gateway tunnels show no output for Generic tunnels

Cisco - Defect ID: CSCwh95119

secure-internet-gateway tunnels show no output for Generic tunnels

Last updated on 11/21/2023

Overall: 5.75.7

Severity: 6.46.4

Lifecycle: 44.0

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Overall: 5.75.7

Severity: 6.46.4

Lifecycle: 44.0

Popularity: 4.64.6

What is the BugZero Risk Score?

Vendor details

No defect details.

Symptom

I have noticed that the same has not been seen under the CLI of the router also, but I can confirm that tunnel is up/up. ******Following outputs are from Lab****** DC1_CE1#show sdwan secure-internet-gateway tunnels % No entries found. DC1_CE1#show run int Tunnel100611 Building configuration... Current configuration : 210 bytes ! interface Tunnel100611 ip unnumbered GigabitEthernet1 ip mtu 1400 tunnel source GigabitEthernet1 tunnel destination 80.80.80.100 tunnel route-via GigabitEthernet1 mandatory tunnel vrf multiplexing end DC1_CE1#show sdwan run | sec sig service sig vrf global zscaler-location-settings auth-required false xff-forward-enabled false surrogate ip false surrogate idle-time 0 surrogate display-time-unit MINUTE surrogate ip-enforced-for-known-browsers false surrogate refresh-time 0 surrogate refresh-time-unit MINUTE ofw-enabled false ips-control false aup disabled aup block-internet-until-accepted false aup force-ssl-inspection false aup timeout 0 caution-enabled false ! ha-pairs interface-pair Tunnel100611 active-interface-weight 1 None backup-interface-weight 1 ! DC1_CE1#show sdwan run | sec secure no ip http secure-server tunnel-options tunnel-set secure-internet-gateway-other source-interface GigabitEthernet1 DC1_CE1# DC1_CE1# DC1_CE1#show ip int br Interface IP-Address OK? Method Status Protocol GigabitEthernet1 172.177.1.101 YES other up up GigabitEthernet2 80.80.80.101 YES other up up GigabitEthernet3 192.168.17.1 YES other up up Sdwan-system-intf 100.100.100.101 YES unset up up vmanage_system unassigned YES unset up up Loopback65528 192.168.1.1 YES other up up Loopback65529 11.1.100.101 YES other up up Loopback65530 172.17.1.101 YES other up up NVI0 unassigned YES unset up up Tunnel1 172.177.1.101 YES TFTP up up Tunnel2 80.80.80.101 YES TFTP up up Tunnel100611 172.177.1.101 YES TFTP up up <<<<<<

Conditions

Tunnel is up/up but cannot see the same under output of "show sdwan secure-internet-gateway tunnels"

Workaround

show ip interface brief and ipsec related CLIs can be used like any generic IPSec Tunnels.

Further Problem Description

Original Vendor Announcement

9.65Defect ID: CSCwd45843
Auth Step latency for policy evaluation due to Garbage Collection activity.
9.65Defect ID: CSCwa92734
CUBE DTMF interworking fails from rtp-nte to OOB SIP methods
9.65Defect ID: CSCwj45822
Cisco ASA and FTD Software Remote Access VPN Brute Force Denial of Service Vulnerability
9.65Defect ID: CSCvo03458
PKI "revocation check crl none" does not fallback if CRL not reachable
9.65Defect ID: CSCvq05584
Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Cisco - Defect ID: CSCwh95119

secure-internet-gateway tunnels show no output for Generic tunnels

Cisco - Defect ID: CSCwh95119

secure-internet-gateway tunnels show no output for Generic tunnels

Last updated on 11/21/2023

Vendor details

Vendor details

Description

Symptom

Conditions

Workaround

Further Problem Description

Links

Top Cisco defects by risk score

Ready to prevent the next vendor outage?