Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
5293
Views
7
Helpful
19
Replies

CSCwj93921 - upgrade to 9.18.4.24: "Configuration line too long"

JesseSmith8517
Level 1
Level 1

‎05-21-2024 05:43 AM

I had observed this issue when I attempted the following sequence:

terminal pager 0
more system:running-config

I received the error message, %Error reading system:run (Configuration line too long)

Does anyone know if the error message is looking at a single command line in the running configuration?

7 people had this problem
Labels:
0 Helpful
19 Replies 19

MFIsupport
Level 1
Level 1

‎05-22-2024 02:47 AM

Running the same OS than you.

An old bug seems to be back: http://blog.boreas.ro/2007/10/cisco-asa-issues-configuration-line-too.html

I've deleted all my SNMP configuration and I can now parse and save my running conf...

 

0 Helpful

JesseSmith8517
Level 1
Level 1
In response to MFIsupport

‎05-22-2024 05:34 AM

Thank you for sharing this.  I'm curious as to how the original poster was able to narrow down the issue to the snmp-server command.  I'm also curious to know if the poster was running snmp v3...

I'm going to test this out and then come back and post some details.

 

Thanks again

0 Helpful

laszlofarkas
Level 1
Level 1

‎05-23-2024 02:10 AM - edited ‎05-23-2024 02:26 AM

Yeah, for us, it's not the snmp config, most likely it's the  very long list of objects in one of our blocklist, but haven't tested it yet.

Edit: I've culled the blocklist (deleted objects from the object-group referencing them and created new objects by summarizing prefixes) by a few hundred entries and i was able save the config. not sure what exactly is the limit, but i was able to save this:

1312421 bytes copied in 5.670 secs (262484 bytes/sec)
[OK]

# show run | count
Number of lines which match regexp = 32256

Which is surprisingly clsoe to 32768 aka 2^15. It might be a red herring, but that's all I got for now.

0 Helpful

MFIsupport
Level 1
Level 1

‎05-23-2024 02:37 AM - edited ‎05-23-2024 02:39 AM

As I said yesterday, I've deleted the SNMP configuration and then I was able to parse and save the running. Just a few minutes later, the problem occured again for no identified reason.

0 Helpful

laszlofarkas
Level 1
Level 1
In response to MFIsupport

‎05-23-2024 02:54 AM - edited ‎05-23-2024 02:56 AM

Yep, same thing here.

It seems, that adding and removing a new line to the config temporarily fixes it.

fwad05/sec/act(config)# wr
Building configuration...
Cryptochecksum: 78bfa1e2 fa2f9f41 0417ed11 2647d58e

%Error reading system:/running-config (Configuration line too long)
[OK]
fwad05/sec/act(config)# show run | count
Number of lines which match regexp = 32256

fwad05/sec/act(config)# object network kakamaki
fwad05/sec/act(config-network-object)# description bipp
fwad05/sec/act(config-network-object)# show run | count
Number of lines which match regexp = 32258
fwad05/sec/act(config-network-object)# wr
Building configuration...
Cryptochecksum: 8e3bdf28 7f92a106 3f65a01b 299db4b1

1312463 bytes copied in 4.690 secs (328115 bytes/sec)
[OK]

0 Helpful

sam25
Level 1
Level 1

‎05-27-2024 09:51 AM

Looks like this bug also causes some errors with the actual configuration.

Had one cluster member with missing network objects and therefore tunnels and other configurations weren't working.

Did a downgrade now with manual fixing the configuration from a backup...

0 Helpful

cpholt
Level 1
Level 1
In response to sam25

‎05-30-2024 03:49 AM

What version did you downgrade to to avoid this?

0 Helpful

BrentCoats0047
Level 1
Level 1

‎05-30-2024 11:28 AM

I have this same issue after upgrading from ASA 9.18(3)(56) to ASA 9.18(4)(24).  Even in ASDM it constantly shows it needs to be saved.

iipaycisco's suggestion to add a line to the config worked on one pair but not on a different pair.  

0 Helpful

cpholt
Level 1
Level 1
In response to BrentCoats0047

‎05-30-2024 11:54 AM

8.18.4.22 does not seem to suffer from the bug. There was a
workaround in the ticket, but it wasn't really practical. you have to
show the running config to the terminal one page (term page 20, for
example) at a time first, and then you can copy/save/write, etc.
0 Helpful

BrentCoats0047
Level 1
Level 1
In response to cpholt

‎05-30-2024 12:14 PM

I tried term page 40 and it worked! Thanks. Will it come back?
0 Helpful

MFIsupport
Level 1
Level 1
In response to BrentCoats0047

‎05-31-2024 01:52 AM

You can make any change you want (change an ACL description, change the terminal length...) the bug will return.

The @sam25 post is concerning me most.

0 Helpful

Network Diver
Level 3
Level 3

‎06-03-2024 02:38 AM

I have the same issue after upgrading from 9.18.4.22 to 9.18.4.24. Found a temporary workaround. When doing a "show running-config" then afterwards one can save it.

firewall1/wan1/act# write mem
Building configuration...
Cryptochecksum: 1d29e697 fe79d3f6 50dbc5b7 c1e36cdc

%Error reading system:/running-config (Configuration line too long)
[OK]

firewall1/wan1/act# show running-config

firewall1/wan1/act# write mem
Building configuration...
Cryptochecksum: a4b464cb 0bb22b65 6553f51d 24348f8e

66254 bytes copied in 1.140 secs (66254 bytes/sec)
[OK]

 

laszlofarkas
Level 1
Level 1

‎06-03-2024 03:51 AM

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj93921

They basically say to change the terminal pager to anything other than 0 and you should be able to save. They're working on a fixed version to release in a few weeks, at least that's what i got from support.

Our firewall misteriously crashed when removing and object from under an object group, so they're investigating that as well, but might not be related.

 

MFIsupport
Level 1
Level 1
In response to laszlofarkas

‎06-04-2024 01:05 AM

So the current "official" workaround has the same spirit than the one we tried before: make a minor change in configuration.

Thanks for the update.

0 Helpful
Top