Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
805
Views
0
Helpful
4
Replies

DNAC - Templates for ACLs

Positron
Level 1
Level 1

‎04-01-2023 06:57 AM

Been struggling with DNAC compliance reporting with ACLs. I have a basic sample ACL that deploys successfully but the compliance in DNAC flags the entire ACL ac non-compliant. I can see the ACL in the config on the switch and in the configuration in DNAC associated with the switch. I've waited, re-ran the compliance over and over with the same results. Any guidance here is greatly welcomed. I've tried this on DNAC version 2.3.3.4 and 2.3.3.5 with the same results. The sequence numbers are indented and the compliance failure includes the 'ip access-list' line. I've tried numbered ACLs with the same results. TIA

!
ip access-list standard Blah
10 permit x.x.x.x
20 permit y.y.y.y
30 deny any log
!

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎04-01-2023 10:44 AM

If the template create you should not get that error: (can you post an example screenshot )

refer below guide:

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-3-3/user_guide/b_cisco_dna_center_ug_2_3_3/m-compliance-audit-for-network-devices.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Positron
Level 1
Level 1
In response to balaji.bandi

‎04-01-2023 01:06 PM

thanks for the response. Yes, I am attaching the output. Template-Compliance Failure.jpg

0 Helpful

Mark_Williams
Level 1
Level 1
In response to Positron

‎06-28-2024 10:45 AM

Sorry for the necro-posting, but I just ran into this and I think I can shed some light on it. 

It's the exclamation points and the extra space on line 5. The second column of numbers is showing you the lines that are out of compliance in the template. If you edit your template to remove the blank line and the lines with exclamation points, run the compliance check and it will show as compliant. 

0 Helpful

Preston Chilcote
Cisco Employee
Cisco Employee

‎04-03-2023 09:39 AM

Unless there are some trailing spaces on one of those lines in your template, I can't tell what the problem is.  Please check for spaces and open a TAC case to see if this might be a bug.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card