Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
587
Views
0
Helpful
5
Replies

question about Access Rules in ASDM

Go to solution
SIMMN
Spotlight
Spotlight

‎02-21-2017 12:15 PM - edited ‎03-12-2019 01:57 AM

I have two sets of ASA firewalls (no firepower). From CLI, I configured followings:

access-list Outside_access_in extended deny ip object-group Bad-Sources any4
access-list DMZ_access_in extended deny ip any4 object-group Bad-Sources

Then from ASDM to view/verify the access control rules, they show like followings attached.

So where/how does ASDM pick the user, security group for source and security group for destination...When edit the same rule from ASDM, User and/or security group are empty...

ASA is running 9.7.1 and ASDM is 7.7.1.

Thanks,

/S

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-21-2017 12:35 PM

This is a bug in ASDM 7.7(1) where random objects are populated.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc92151/?referring_site=bugquickviewredir

User and Security Group fields in ASDM show invalid content and random objects
Fix should come out in the 7.8(1) release.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-21-2017 12:35 PM

This is a bug in ASDM 7.7(1) where random objects are populated.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc92151/?referring_site=bugquickviewredir

User and Security Group fields in ASDM show invalid content and random objects
Fix should come out in the 7.8(1) release.
0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Rahul Govindan

‎02-21-2017 12:49 PM

Thanks...that is convenient...ASDM 7.7.1 is the only one compatible with ASA 9.7.1 firmware...But why that bug is not listed in the release notes?

I guess no one knows the ETA for 7.8(1), right? Do I have to downgrade ASA to 7.6.2 then?

0 Helpful

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni
In response to SIMMN

‎02-21-2017 01:02 PM

You are right, the support for the 9.7(1) release is only the 7.7(1). You may be able to use 9.6(1) also with the release, I have not tested this though. You could try checking with TAC to see if there is an earlier release with the fix out for this.

The release notes usually has only the open bugs when the image was released. This bug may have been discovered after that, which may take some time to be updated back into the release notes. You can use the Bug search tool to look for all open bugs in a particular release.

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Rahul Govindan

‎02-21-2017 03:15 PM

Can I ask did you search the bug tool found the bug or you are aware it already?

0 Helpful

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni
In response to SIMMN

‎02-21-2017 06:25 PM

I was aware of this particular bug. But, I have searched for bugs in the past using the tool. I verified that this bug is showing up in the tool when searching for bugs in ASDM 7.7 release.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card