Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

CSCtd87060

Hello,

we are planning to upgrade some 2800 series routers to a newer software version (now 12.4.20T4) because of this bug.

Today it seems to be a serious security problem to run java prior 1.6.0u17.

I'm planning to either jump to 15.0.1M2 or stay at the 12.4.20T tree with 12.4.20T5.

From the bug tracking tool it's not clear wether it is resolved in that versions or not.

Has anyone made any experiences withe webvpn thin client regarding that issue?

Previous posts were not very helpful regarding this annoying "MD2withRSA" bug.

Best regards

Sebastian

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CSCtd87060

Yes, the bug is fixed in version 15.0.1(M2), but please be advised that you will need to purchase license to run webvpn from version 15.0:

http://www.cisco.com/en/US/partner/docs/ios/sec_secure_connectivity/configuration/guide/sec_ssl_vpn_ps10592_TSD_Products_Configuration_Guide_Chapter.html#wp1473540

4 REPLIES
Cisco Employee

Re: CSCtd87060

Yes, the bug is fixed in version 15.0.1(M2), but please be advised that you will need to purchase license to run webvpn from version 15.0:

http://www.cisco.com/en/US/partner/docs/ios/sec_secure_connectivity/configuration/guide/sec_ssl_vpn_ps10592_TSD_Products_Configuration_Guide_Chapter.html#wp1473540

Community Member

Re: CSCtd87060

Hi,

as far as I can see license seat count is only for ISR G2 routers.

For 2800 series I can not see any significant change in documentation.

Am I missing something?

According to sslvpn doc 10 seats are licensed in HSEC bundle and as a last resort I do have a FL-WEBVPN-10-K9 here.

Is the bug fixed back in 12.4.20T5?

Regards

Sebastian

Cisco Employee

Re: CSCtd87060

Not fixed in 12.4(20)T5, it's fixed in 12.4(24)T3 though.

Community Member

Re: CSCtd87060

just to sum it up:

we have successfully upgraded to 15.0.1M2 and resolved that issue.

One minor issue occured: ssl truspoint on the webvpn gateway will be replaced by a selfsigned which can be easily resolved.

sebastian

326
Views
0
Helpful
4
Replies
CreatePlease to create content