06-24-2019 07:17 AM
Hi,
I've recently updated a Cisco ASA5516-X (with Firepower) to firmware 9.12.2 with ASDM 7.12.2.
However, this seems to have caused a problem when updating access control lists via the ASDM.
It now adds "access-list mode manual-commit" and "access-list mode auto-commit" to the beginning and the end of the list of commands it issues to the firewall when applying ACL changes via the ASDM.
So, for example:
access-list mode manual-commit
access-list L3_access_in line 1 remark Test rule
access-list L3_access_in line 2 extended permit ip object Win-L2-TermServ any
access-list commit
access-list mode auto-commit
which results in an error of:
[ERROR] access-list mode manual-commit
access-list mode manual-commit
^
ERROR: % Invalid input detected at '^' marker.
[OK] access-list L3_access_in line 1 remark Test rule
[OK] access-list L3_access_in line 2 extended permit ip object Win-L2-TermServ any
[ERROR] access-list commit
access-list commit
ERROR: % Incomplete command
[ERROR] access-list mode auto-commit
access-list mode auto-commit
^
ERROR: % Invalid input detected at '^' marker.
I suspect this might be a bug with the ASDM.
According to this list, it should all be compatible:
https://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#id_59423