Cisco Bug: CSCsg35578 - Import ACE: Validation not done if the config is not in show run format
Nov 10, 2016
- Cisco Security Manager
Known Affected Releases
3.1(0)QA11 3.1(0)QA26 3.1(0)QA6 3.2(0)FCS4
Symptom: Some options are omitted from rules that are created using the Import Rules feature.

Conditions: The following violations of the 'show run' format are known to cause problems:

1. Empty port values.
   e.g.: access-list 100 permit ip any any eq
   Result: The rule is created without a port value.
2. In IOS, destination port values are not validated for 'eq' and 'neq'.
   e.g.: ip access-list extended aa permit ip any any eq 12 10000000
   Result: The rule is created without the invalid port value.
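A pre-import check for the two conditions listed above, as an added example that is not Cisco's code and not part of the bug report: it flags 'eq'/'neq' operators that have no port value or a numeric port outside the valid range, so the lines can be corrected before the rule is silently imported without them. Assumptions: the names `check_ace` and `lint_acl` are hypothetical, ports are valid in 0-65535, and named ports (such as `www`) are accepted without being resolved.

```python
import re

PORT_OPS = {"eq", "neq"}          # the two operators named in the bug report
STOP = PORT_OPS | {"any", "host", "log", "established", "lt", "gt", "range"}
MAX_PORT = 65535                  # assumption: TCP/UDP port range 0-65535
NAMED_PORT = re.compile(r"[a-z][a-z0-9-]*")   # e.g. www, ftp-data (not resolved)

def check_ace(line):
    """Return the problems found in one ACE line ([] when it is clean)."""
    tokens = line.split()
    problems = []
    i = 0
    while i < len(tokens):
        op = tokens[i]
        i += 1
        if op not in PORT_OPS:
            continue
        ports = []
        while i < len(tokens) and tokens[i].isdecimal():
            ports.append(int(tokens[i]))
            i += 1
        named = (not ports and i < len(tokens) and tokens[i] not in STOP
                 and NAMED_PORT.fullmatch(tokens[i]))
        if named:
            i += 1                # named port: accepted, not resolved
        elif not ports:
            problems.append(f"'{op}' has no port value")
        problems += [f"'{op}' port {p} out of range 0-{MAX_PORT}"
                     for p in ports if p > MAX_PORT]
    return problems

def lint_acl(text):
    """Return [(line_number, problems)] for every line that would import lossily."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        problems = check_ace(line)
        if problems:
            findings.append((n, problems))
    return findings

# Constructed sample: the two lines quoted in the bug report plus one clean ACE.
SAMPLE = """\
access-list 100 permit ip any any eq
ip access-list extended aa permit ip any any eq 12 10000000
access-list 101 permit tcp any any eq 443
"""

if __name__ == "__main__":
    for n, problems in lint_acl(SAMPLE):
        print(f"line {n}: {'; '.join(problems)}")
```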