ASA: duplicate lines in running-config

jer0nim0x · ‎08-17-2012

Hi there,

I noticed duplicate commands in the running config of our standby ASA (failover pair).

diff -u asa-253.startup.cfg asa-253.running.cfg:

--- asa-2.startup.cfg 2012-08-17 15:49:12.000000000 +0200

+++ asa-2.running.cfg 2012-08-17 15:50:21.000000000 +0200

@@ -1,5 +1,5 @@

: Saved

-: Written by enable_1 at 11:07:47.667 CEDT Thu Aug 16 2012

+: Written by enable_15 at 15:49:50.271 CEDT Fri Aug 17 2012

!

ASA Version 8.2(5)

!

@@ -338,11 +338,6 @@

-access-list 1_ACL webtype permit url rdp://X log notifications interval 300

-access-list 1_ACL webtype deny url any log default

-access-list 2_ACL webtype permit url telnet://Y log default

-access-list 2_ACL webtype permit url ftp://Y/* log default

-access-list 2_ACL webtype deny url any log default

@@ -351,9 +346,19 @@

+access-list A_ACL webtype deny url any log default

+access-list B_ACL webtype deny url any log default

+access-list 2_ACL webtype permit url telnet://Y log default

+access-list 2_ACL webtype permit url ftp://Y/* log default

+access-list 2_ACL webtype deny url any log default

+access-list 2_ACL webtype permit url telnet://Y log default

+access-list 2_ACL webtype permit url ftp://Y/* log default

+access-list 2_ACL webtype deny url any log default

+access-list 1_ACL webtype permit url rdp://X log notifications interval 300

+access-list 1_ACL webtype deny url any log default

Is that bad? Why could it be?

Bye,

Marki

Marcin Latosiewicz · ‎08-18-2012

Marki,

It's a known but not yet fixed ( 18 Aug 2012) problem:

M.