Cisco Bug: CSCsz72810 - InCorectly added "Host Scan File Check e.g 'C:\' " breaks DAP Policies
Nov 08, 2016
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: Configured DAP polices are not working and User is 'Always' being matched against the "DfltAccessPolicy". The Host Scan Log on the User PC shows that the PC satisfied the requirements E.g. Anti-Virus, OS Check etc But ASA still assigned the User to the DfltAccessPolicy. Conditions: This could happen, if an "In-Correct" Basic Host Scan is added for checking the presence of a File on the User PC. E.g The check was added as "C:\" instead of "C:\filename". This issue will occur, even if the In-Correct Host Scan entry is Not being referenced in any of the configured DAPs.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases