Hi,
Setup:
Cisco Security Manager 4.14 Build 78 SP2
ASA 5585 (multiple context mode)
ASA v9.6(2)
Problem:
I am trying to implement rules for all Interface (global ACL); however, when I do a detect out of band changes on the CSM I get an error stating the device is not supported.
No, I am not trying to setup global rules for all context, I am doing it for the interfaces within each context. It makes no sense for me to have to enter each ruleset individually in CSM. Especially when the contexts have 10 or more interfaces.
Command used:
access-list GLOBAL extended permit tcp host 1.1.1.1 host 3.3.3.3 eq http
access-group GLOBAL global
In the context, the command is accepted without any errors.
I perform the Detect out of band changes. After the CSM has checked the ASA, As soon as I select Evaluate, to evaluate the context select I receive the error that the device is not supported.
Earlier, an acl was created and successfully imported to the ASA using the Out of Band option.
What am I doing wrong?
Thanks in advance.
Regards,
Jasper