When using a baseline compliance template to check and deploy a standard ACL, I encountered what seems to be a bug:
I configured a template with these commands:
+ip access-list standard 21
+; Hosts allowed access
+ permit host 10.20.30.40
+ permit host 40.30.20.10
+ deny any log
When I do compliance check and deployment, the last line is dropped by LMS.
In fact, when I look into the job's "Work Order", the commands are:
ip access-list standard 21
; Hosts allowed access
permit host 10.20.30.40
permit host 40.30.20.10
After the job run, "show running-config" shows the access list matching the "Work Order" (without the "deny any log" command.)
Is this a bug?