cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

1163
Views
0
Helpful
0
Replies
Highlighted
Beginner

Cisco Security Manager 4.17 appends some commands not required at policy deploy

We manage some ASA firewalls with a CSM 4.17.

When we deploy the rules, some unsolicited commands are also sent, in particular the following:

 

tcp-map mssexc

 exceed-mss allow

 

timeout uauth 0:10:00 absolute uauth 1:00:00 inactivity

 

The timeout command has a shared policy, but is not modified before the deploy.

The tcp-map command has a shared policy, but is not modified before the deploy.

 

ASA 5505 and 5510 - Software Version 7.2(5)

ASA 55012-X  -  Software Version 8.6(1)17