topic Thanks...that is convenient.. in Network Security

question about Access Rules in ASDM

SIMMN — Tue, 12 Mar 2019 08:57:53 GMT

I have two sets of ASA firewalls (no firepower). From CLI, I configured followings:

access-list Outside_access_in extended deny ip object-group Bad-Sources any4
access-list DMZ_access_in extended deny ip any4 object-group Bad-Sources

Then from ASDM to view/verify the access control rules, they show like followings attached.

So where/how does ASDM pick the user, security group for source and security group for destination...When edit the same rule from ASDM, User and/or security group are empty...

ASA is running 9.7.1 and ASDM is 7.7.1.

Thanks,

This is a bug in ASDM 7.7(1)

Rahul Govindan — Tue, 21 Feb 2017 20:35:05 GMT

This is a bug in ASDM 7.7(1) where random objects are populated.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc92151/?referring_site=bugquickviewredir

User and Security Group fields in ASDM show invalid content and random objects

Fix should come out in the 7.8(1) release.

Thanks...that is convenient..

SIMMN — Tue, 21 Feb 2017 20:49:17 GMT

Thanks...that is convenient...ASDM 7.7.1 is the only one compatible with ASA 9.7.1 firmware...But why that bug is not listed in the release notes?

I guess no one knows the ETA for 7.8(1), right? Do I have to downgrade ASA to 7.6.2 then?

You are right, the support

Rahul Govindan — Tue, 21 Feb 2017 21:02:42 GMT

You are right, the support for the 9.7(1) release is only the 7.7(1). You may be able to use 9.6(1) also with the release, I have not tested this though. You could try checking with TAC to see if there is an earlier release with the fix out for this.

The release notes usually has only the open bugs when the image was released. This bug may have been discovered after that, which may take some time to be updated back into the release notes. You can use the Bug search tool to look for all open bugs in a particular release.

Can I ask did you search the

SIMMN — Tue, 21 Feb 2017 23:15:53 GMT

Can I ask did you search the bug tool found the bug or you are aware it already?

I was aware of this

Rahul Govindan — Wed, 22 Feb 2017 02:25:07 GMT

I was aware of this particular bug. But, I have searched for bugs in the past using the tool. I verified that this bug is showing up in the tool when searching for bugs in ASDM 7.7 release.