https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320379#M920177 <HTML><HEAD></HEAD><BODY><P>Hi Meda,</P><P></P><P>I mentioned that the duplication happens in case You're doin the discovery from the real device. At the time of discovery procedure CSM creates objects in its database with the _x suffix and the same values as in an "old" objects (without _x).</P><P></P><P>And at the next deploy CSM replaces old objects with a new ones. What I'm doing:</P><P>1) copying access-rules policy somewhere</P><P>2) discovery from the device device</P><P>3) clearing parsed config in Access Rules (deleting rules)</P><P>4) pasting rules that were copied earlier.</P><P></P><P>Result: the config is synchronized between CSM DB and the FW. No new objects are used.</P><P>This is a workaround, not a normal situation (otherwords - bug). Do not understand why it's needed to create new objects instead of using existed ones.</P><P></P><P>P.S. Just opened a case in Cisco TAC: changed the Global ACL (inheritance) for the FW. After that some of rules were missed in real device but existed in CSM DB. Branch was down for 2 hours.. Be aware and do preview config each time making deploy.</P><P></P><P>My CSM version is 4.4 SP2</P><P></P><P>Regards,</P><P>Anton</P></BODY></HTML> Thu, 03 Oct 2013 14:22:12 GMT 4nt0n_Zamaraev 2013-10-03T14:22:12Z https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320378#M920176 <P>Hello, we recently updgrade CSM to 4.3.0 service pack2 and we figure out that objet are duplicated with _xx when push are perform to FW asa version 8.4.How i can resolve the problem in order to avoid this duplicated objets.</P> Fri, 21 Feb 2020 13:00:17 GMT https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320378#M920176 Yasm 2020-02-21T13:00:17Z https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320379#M920177 <HTML><HEAD></HEAD><BODY><P>Hi Meda,</P><P></P><P>I mentioned that the duplication happens in case You're doin the discovery from the real device. At the time of discovery procedure CSM creates objects in its database with the _x suffix and the same values as in an "old" objects (without _x).</P><P></P><P>And at the next deploy CSM replaces old objects with a new ones. What I'm doing:</P><P>1) copying access-rules policy somewhere</P><P>2) discovery from the device device</P><P>3) clearing parsed config in Access Rules (deleting rules)</P><P>4) pasting rules that were copied earlier.</P><P></P><P>Result: the config is synchronized between CSM DB and the FW. No new objects are used.</P><P>This is a workaround, not a normal situation (otherwords - bug). Do not understand why it's needed to create new objects instead of using existed ones.</P><P></P><P>P.S. Just opened a case in Cisco TAC: changed the Global ACL (inheritance) for the FW. After that some of rules were missed in real device but existed in CSM DB. Branch was down for 2 hours.. Be aware and do preview config each time making deploy.</P><P></P><P>My CSM version is 4.4 SP2</P><P></P><P>Regards,</P><P>Anton</P></BODY></HTML> Thu, 03 Oct 2013 14:22:12 GMT https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320379#M920177 4nt0n_Zamaraev 2013-10-03T14:22:12Z https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320380#M920178 <HTML><HEAD></HEAD><BODY><P>Hi Anton,</P><P></P><P>CSM is nightmare <SPAN __jive_emoticon_name="devil" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/tiny_mce3/plugins/jiveemoticons/images/spacer.gif"></SPAN>, i will test your solution and i send you back a mail to give the result so thank you very much for our help <SPAN __jive_emoticon_name="happy" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.cisco.com/4.5.4/images/tiny_mce3/plugins/jiveemoticons/images/spacer.gif"></SPAN>. </P><P></P><P>regards</P><P>Meda</P></BODY></HTML> Fri, 04 Oct 2013 15:17:53 GMT https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320380#M920178 Yasm 2013-10-04T15:17:53Z https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320381#M920179 <HTML><HEAD></HEAD><BODY><P>Hi Anton,</P><P></P><P>Copying access-rules policy from FW or CSM ?</P><P></P><P>regards,</P><P>Meda</P></BODY></HTML> Wed, 16 Oct 2013 14:30:58 GMT https://community.cisco.com/t5/network-security/duplicated-objects-after-push-to-firewall/m-p/2320381#M920179 Yasm 2013-10-16T14:30:58Z