07-01-2021 09:05 AM - edited 07-21-2021 01:40 PM
I just noticed that an ACL shows in ASDM fine but nowhere to be found in running-config all!
Could my NVRAM or something be bad on ASA5585?
Solved! Go to Solution.
07-01-2021 01:04 PM
Cisco BlueBelt_Stripe just make sure you are running ASA code compatibility with ASDM. I have seem in past where the software ASDM was not compatible with ASA code give you strange issue/behavior.
you have not mentioned what software ASA code and what ASDM you running. here on this page you can match if you are running the ASA code with is compatible with ASDM.
Could my NVRAM or something be bad on ASA5585?
- I do not think so if this is the case you can issue "dir flash:" to check/see it.
If i get is right you can see the ACL entries on ASDM but when you SSH to the unit you do not see the ACL. Stupid question but have you issue the command "show run" or "show run all" or "more system:running-config"
07-02-2021 07:57 AM
CiscoBlueBelt_Strip. l love your name
anyway I just look at cisco ASDM matrix here is the support version for you ASA Code.
where as you running 7.8(1). would be good if you match according to cisco guidelines.
07-01-2021 09:25 AM
have clicked save and apply ?
07-01-2021 11:32 AM
Yes, save. Etc.
07-01-2021 10:18 AM
What is the software version you on ASA and what is the ASDM Image? Did you apply click the apply button at ASDM to push the configuration?
Just a site note enable command preview on ASDM. First open up ASDM and go to Tools -> Preferences: Then on the General Tab, you’ll see under the Communications section an option titled “Preview commands before sending them to the device.” Check that little check box there and hit Okay.
enabling this you can take the copy of your configuration before pushing to the ASA incase if the configuration not pushed least you have the command you can either do it from SSH CLI.
07-01-2021 11:38 AM
Awesome.
So the ACL has numerous entiies which is shown on GUI but not running config. Very strange
07-01-2021 01:04 PM
Cisco BlueBelt_Stripe just make sure you are running ASA code compatibility with ASDM. I have seem in past where the software ASDM was not compatible with ASA code give you strange issue/behavior.
you have not mentioned what software ASA code and what ASDM you running. here on this page you can match if you are running the ASA code with is compatible with ASDM.
Could my NVRAM or something be bad on ASA5585?
- I do not think so if this is the case you can issue "dir flash:" to check/see it.
If i get is right you can see the ACL entries on ASDM but when you SSH to the unit you do not see the ACL. Stupid question but have you issue the command "show run" or "show run all" or "more system:running-config"
07-02-2021 06:13 AM
ASA version 9.6(3)1
ASDM 7.8(1)
Yes I click apply. Actually first I did command via CLI, then that entry is only shown on Advanced>ACL manager and not under Access rules. So no other entries of the ACL (which indeed is applied otherwise lots of traffic would not work) is not shown in running config
07-02-2021 07:57 AM
CiscoBlueBelt_Strip. l love your name
anyway I just look at cisco ASDM matrix here is the support version for you ASA Code.
where as you running 7.8(1). would be good if you match according to cisco guidelines.
07-14-2021 07:33 AM
Hi, yes I noticed it is not matching. Upon doing more t-shooting, appears ASA does not like objects or groups. Added rules that still would not allow traffic, but only worked if just using IP instead of an object in the ACL statement. Weird. Packet-tracer would show rules should work and all, but packet captures showed traffic not moving betweeen interfaces, and montiring log would show it was being denied. Any other ideas besides matching versions?
Thanks. Just noticed name should be Cisco_Blue_Belt_1_stripe LOL as I promoted myself. Will be changing color soon
07-01-2021 02:22 PM
I have seen this issue before. For me upgrading ASA and ASDM images solved the issue.
07-02-2021 06:10 AM
Yes what I had in mind
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide