LMS 4.2.3 baseline compliance template and standard ACL

ww9rivers · ‎01-15-2014

When using a baseline compliance template to check and deploy a standard ACL, I encountered what seems to be a bug:

I configured a template with these commands:

+ip access-list standard 21

+; Hosts allowed access

+ permit host 10.20.30.40

+ permit host 40.30.20.10

+ deny any log

When I do compliance check and deployment, the last line is dropped by LMS.

In fact, when I look into the job's "Work Order", the commands are:

ip access-list standard 21

; Hosts allowed access

permit host 10.20.30.40

permit host 40.30.20.10

After the job run, "show running-config" shows the access list matching the "Work Order" (without the "deny any log" command.)

Is this a bug?

Vinod Arya · ‎01-22-2014

Doesnt have any issues on my Lab 4.2.4. following is the Job Work order :

Name:

Archive Mgmt Job Work Order

Summary:

General Info
----------------------------------------------------------------------------------------------
JobId: 2704
Owner: admin
Description: test_acl
Schedule Type: Immediate
Job Type: Compliance Check
Baseline Template Name: test_acl
Attachment Option: Disabled
Report Type: NA

Job Policies
----------------------------------------------------------------------------------------------

E-mail Notification: Not Applicable
Job Based Password: Disabled

Device Details
----------------------------------------------------------------------------------------------

Device	Commands

Sup_2T_6500	ip access-list standard 21 permit host 10.20.30.40 permit host 40.30.20.10 deny any log

10.104.149.180	ip access-list standard 21 permit host 10.20.30.40 permit host 40.30.20.10 deny any log

Check your template, or export it and share, i will try it on my LMS server. also, check the same complaince job on other devices if you have such issues.

-Thanks

Vinod

**Rating Encourages contributors, and its really free. **

-Thanks Vinod **Rating Encourages contributors, and its really free. **