Preview Tool

Cisco Bug: CSCsg35578 - Import ACE: Validation not done if the config is not in show run format

Last Modified

Nov 10, 2016

Products (1)

  • Cisco Security Manager

Known Affected Releases

3.1(0)QA11 3.1(0)QA26 3.1(0)QA6 3.2(0)FCS4

Description (partial)

Some options are omitted from rules that are created using the Import Rules feature.

The following violations from the 'show run' format are known to cause problems:
1. Empty Port values.
eg: access-list 100 permit ip any any eq
Result: The rule is created without port value

2. In IOS, destination port values are not validated for 'eq' and 'neq'.
ip access-list extended aa
 permit ip any any eq 12 10000000
Result: The rule is created without the invalid port value.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.