Solved: Re: Can you configure/modify Firepower access policies via CLI

martino-cisco · ‎12-08-2017

Hi All,

I have been managing a firepower module via ASDM and lost access to it because of an access policy.

Is it possible to create/modify an access policy from the SFR console CLI?

martino-cisco · ‎01-06-2018

Hi,

Thanks for your post. I had something similar already. I just forgot to update the post...but thanks for your suggestion. In my case, I just disabled the policy-map on the required interface temporarily to get back in.

Quite disappointing that there's no way to configure policies from the cli though. Hope this can be addressed at some point

View solution in original post

Marvin Rhoads · ‎12-09-2017

No you cannot. They are stored as database objects and manual configuration from the cli is not supported.

er.shivamdubey31190 · ‎01-04-2018

Hi Martino,

Wishing you a very happy new year.

Though it is and old post and by this time you must have resolved the issue.

In case not, Go ahead and to cli of asa an by pass the sfr module or put it in monitoring mode.

After that you would be able to access sfr tab and you can eaisly correct your old policy.

Please mark the answer as helpful, if it resolves your issue.

Br

Shivam 😊

martino-cisco · ‎01-06-2018

Hi,

Thanks for your post. I had something similar already. I just forgot to update the post...but thanks for your suggestion. In my case, I just disabled the policy-map on the required interface temporarily to get back in.

Quite disappointing that there's no way to configure policies from the cli though. Hope this can be addressed at some point