Cisco Cisco IOS Software Release 12.2(33)SRE
848
Caveats for Cisco IOS Release 12.2(33)SRC through 12.2(33)SRC6
OL-10394-05 Rev. R0
Conditions: This is seen across PA (PA-MC-2T3-EC) and on applying both header compression and
QoS policy.
QoS policy.
Workaround: There is no workaround.
Resolved Caveats—Cisco IOS Release 12.2(33)SRC2
Cisco IOS Release 12.2(33)SRC2 is a rebuild release for Cisco IOS Release 12.2(33)SRC. The caveats
in this section are resolved in Cisco IOS Release 12.2(33)SRC2 but may be open in previous Cisco IOS
releases.
in this section are resolved in Cisco IOS Release 12.2(33)SRC2 but may be open in previous Cisco IOS
releases.
Miscellaneous
•
CSCeb69473
Symptoms: Device crashes with a segmentation violation (SegV) exception.
Conditions: Occurs when the connect target_ip [login|513] /terminal- type value command is
entered with a large input parameter to the terminal-type argument such as the following:
entered with a large input parameter to the terminal-type argument such as the following:
router>connect 192.168.0.1 login /terminal-type aaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Trying 192.168.0.1...Open login:
*** System received a SegV exception *** signal= 0xb, code= 0x1100, context=
0x82f9e688 PC = 0x61616160, Vector = 0x1100, SP = 0x833ae5a8
Workaround: AAA Authorization AAA authorization enables you to limit the services available to
a user. When AAA authorization is enabled, the network access server uses information retrieved
from the user’s profile, which is located either in the local user database or on the security server, to
configure the user’s session. Once this is done, the user will be granted access to a requested service
only if the information in the user profile allows it.
a user. When AAA authorization is enabled, the network access server uses information retrieved
from the user’s profile, which is located either in the local user database or on the security server, to
configure the user’s session. Once this is done, the user will be granted access to a requested service
only if the information in the user profile allows it.
For a complete description of authorization commands, refer to the following links:
Configuring Authorization
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hsec_c/part05/schathor.
htm
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hsec_c/part05/schathor.
htm
ACS 4.1 Command Authorization Sets
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.
1/ user/SPC.html#wpxref9538
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.
1/ user/SPC.html#wpxref9538
ACS 4.1 Configuring a Shell Command Authorization Set for a User Group
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.
1/ user/GrpMgt.html#wp480029
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.
1/ user/GrpMgt.html#wp480029
Role-Based CLI Access The Role-Based CLI Access feature allows the network administrator to
define "views," which are a set of operational commands and configuration capabilities that provide
selective or partial access to Cisco IOS EXEC and configuration (Config) mode commands. Views
restrict user access to Cisco IOS command-line interface (CLI) and configuration information; that
is, a view can define what commands are accepted and what configuration information is visible.
Thus, network administrators can exercise better control over access to Cisco networking devices.
The following link provides more information about the Role-Based CLI Access feature:
define "views," which are a set of operational commands and configuration capabilities that provide
selective or partial access to Cisco IOS EXEC and configuration (Config) mode commands. Views
restrict user access to Cisco IOS command-line interface (CLI) and configuration information; that
is, a view can define what commands are accepted and what configuration information is visible.
Thus, network administrators can exercise better control over access to Cisco networking devices.
The following link provides more information about the Role-Based CLI Access feature:
Role-Based CLI Access
http://www.cisco.com/en/US/netsol/ns696/networking_solutions_white_paper09186a00801ee18d.
sh tml
http://www.cisco.com/en/US/netsol/ns696/networking_solutions_white_paper09186a00801ee18d.
sh tml