With ASDM 7.8.2 151 and ASA 9.8.2-8 it does not appear to be possible to create a service policy inspection rule that uses "all traffic" and the Firepower module.
With zero other rules, if I add a new service policy rule, choose global, then choose "any traffic" for the traffic match criteria, then click next and try to choose the ASA Firepower Inspection tab, I get a pop up window "you have specified default inspection as the traffic match criterion. Only inspect rule actions can be specified for the default inspection traffic." and cannot proceed. If I choose default inspection traffic and move forward, I can choose the ASA Firepower Inspection tab and enable firepower inspection.
Am I missing something?
Solved! Go to Solution.
Yeah, that bug looks like it exactly. I wonder what kind of unit testing Cisco is using for these releases when basic mission critical functions like "tell the ASA to use the firepower module to inspect traffic" and "actually open the log window when I click the button to open the log window" are broken and it is still released to customers.
Yeah that fixed it, and in exchange on the device dashboard it no longer renders the digits for the number of clientless and anyconnect clients connected. Awesome QC there Cisco.
I installed ASDM 7.9(2) the issue is resolved i can now navigate and changes parameters Rule Actions -> in all tab QOS, Connection Settings, NetFlow, ...