10-03-2013 03:43 AM - edited 02-21-2020 05:00 AM
Hello, we recently updgrade CSM to 4.3.0 service pack2 and we figure out that objet are duplicated with _xx when push are perform to FW asa version 8.4.How i can resolve the problem in order to avoid this duplicated objets.
10-03-2013 07:22 AM
Hi Meda,
I mentioned that the duplication happens in case You're doin the discovery from the real device. At the time of discovery procedure CSM creates objects in its database with the _x suffix and the same values as in an "old" objects (without _x).
And at the next deploy CSM replaces old objects with a new ones. What I'm doing:
1) copying access-rules policy somewhere
2) discovery from the device device
3) clearing parsed config in Access Rules (deleting rules)
4) pasting rules that were copied earlier.
Result: the config is synchronized between CSM DB and the FW. No new objects are used.
This is a workaround, not a normal situation (otherwords - bug). Do not understand why it's needed to create new objects instead of using existed ones.
P.S. Just opened a case in Cisco TAC: changed the Global ACL (inheritance) for the FW. After that some of rules were missed in real device but existed in CSM DB. Branch was down for 2 hours.. Be aware and do preview config each time making deploy.
My CSM version is 4.4 SP2
Regards,
Anton
10-04-2013 08:17 AM
Hi Anton,
CSM is nightmare , i will test your solution and i send you back a mail to give the result so thank you very much for our help .
regards
Meda
10-16-2013 07:30 AM
Hi Anton,
Copying access-rules policy from FW or CSM ?
regards,
Meda
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide