Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2645
Views
0
Helpful
1
Replies

Cisco ASA "object-group search access-control"

mattjones03
Level 1
Level 1

‎11-29-2016 01:40 PM - edited ‎03-12-2019 01:36 AM

Hi All,

Due to high memory utilisation, Cisco TAC have advised that I execute the following command;

"object-group search access-control"

I'm keen to understand the impact of the command, and determine the actual changes being made in executing the command.

Any feedback/information will be greatly appreciated.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

jacobhoegh
Level 1
Level 1

‎03-30-2017 02:30 AM

In short it compresses the access-list. The only real impact for you is that you no longer will see the full acl when using the command "show access-list" (not that same as "show run access-list") And will not be able to fetch acl hit counts from Cisco Security Manager

If you have memory issues I guess you also have the firewall in context mode and in a failover setup.

In that case I have a tip for you that will release more memory. (works in ver 9.6(2)3)


-          Remove all contexts from the standby firewall (use the console or leave the admin context)
-          Save the changes on the standby then reload it.
-          Then push a failover and do the same for the other unit.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card