cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1823
Views
5
Helpful
6
Replies

Sourcefire AD Group problem

pzivotic1
Level 1
Level 1

Hello ,

I am having problem to create rules for different AD group. I already got few rules for individual AD group and they are working fine.

But when i want to add specific group ( group B ), i  am getting error  Unknown Error (299): Invalid access_type: read (/usr/local/sf/lib/perl/5.10.1/SF/EOHandler.pm line 1213) just for that group B. Before this i noticed that group B, for which i got problem,

is processed by rule created for different group ( group A ). They are completely differnet from each other, not members of any other group,

doesn't have same members.

Could You please help me with this

Thank You

6 Replies 6

Aastha Bhardwaj
Cisco Employee
Cisco Employee

Hi,

It seems to be some issue with the rule that is being created , I would suggest you to close the FMC , restart creating the rule and try saving it everytime when you create a rule so we know what part is exactly failing .

If that does not resolve the issue , you might need to open up a TAC case so that further investigation can be done on the same.

Regards,

Aastha Bhardwaj

Rate if that helps!!!

Hello,

I have the same issue, in the section "Access Control Policy" when i press the button "Store ASA Firepower changes", i get the pop-up "Save Error". So i can not make changes, create or delete rules, i'm stuck. Please help me !

Versions :

ASA 9.6(1)

ASDM 7.6(1)

Firepower 6.0.1-29

Device : ASA 5506-x (License TAMC all registered)

hi Khalifa, 

Did you fixed this issue? I run into the same issue.

Regards,
Sander

Hi

It would require removing some objects from CLI. Would suggest to open TAC case to resolve the issue.

ehh it's my ASA for home use, got it from LIVE :) 

Really strange, cause i just installed the image and upgrade the damn thing. Only got 2 rules in the Access Policy. You got a technote or something that i can try?

Fixed it a couple of hours ago. You can put the rules in disabled state and save the config and push it. After the configuration change is done, you can remove the disabled rules. Another push of the access policy and you're done with the errors. 

Review Cisco Networking for a $25 gift card