Cisco Security Manager: Managing ACL's and Flexconfig
Was wondering if there were any CSM gugu's out there that might be able to help explain something to me.
Query is for CSM 4.3.
In the Policy Object Manager under the "Access Control Lists" I have defined a number of ACLs. These are not firewall ACLs, but are used for things like defining interesting traffic for protocols such as WCCP.
As there is no policy defined for WCCP, I am having to use a Flexconfig to put WCCP config on an ASA (running 8.3).
My problem is, I can't seem to get CSM to deploy the ACLs I've defined, along with the WCCP Flexconfig, even though I have referenced (via variables) the ACLs in the Flexconfig script.
I would have thought, like any other object you define in CSM, if you make use of an object in a policy thats being deployed to a device, CSM realises that you need to deploy the object to the device and does it. A good example is host, network and group objects that are deployed to a device as part of firewall rules. If you define a firewall rule that makes use of object 'A' and put that in a rule policy, CSM realises that you need to define object 'A' on any devices that the policy containing the rule with object 'A' is being deployed to. Hence, we don't have issues with firewall rule insertion failing because they reference an object that doesn't actually exist on the device.
Does this work with Flexconfigs? If not, how can I have CSM deploy the ACLs that I've defined to a device before deploying the Flexconfig script that sets up WCCP in such a way that its referencing the ACLs? I really want to avoid defining the ACLs I want to use in more Flexconfig script.
Join us for a detailed discussion of the integrations between Cisco Secure Email and SecureX. We’ll share the various ways that SecureX provides greater visibility across the Cisco Security landscape and demonstrate how Secure Email is the ...
ISE 2.7 FCS
To display default country code and Place holder customization please follow the below steps.
Upload the attached js file in Custom Portal Files.
Go to portal and add the below script in the Registration Form pag...
Part 1: The Basics
Hard-copy printing may feel very “old school” now, but a recent flurry of activity related to the print spooler service on Windows operating systems has brought one of the oldest IT applications back into the spotlight again. Our...
Python on Cisco Secure Email
The Python package used in our appliances is not a standard deployment --- just like AsyncOS is not your typical FreeBSD (a free and open-source Unix-like operating system descended from the Berkeley Software Distributio...
Wireless Controller WLC integration with Cisco ISE for access control through 802.1X is one of the most popular deployment in the network security field. Now is the employee PC safe after the authentication and authorization?even after the posture o...