Guest

Preview Tool

Cisco Bug: CSCta90115 - Cannot deploy service module policy in IOS

Last Modified

Nov 10, 2016

Products (1)

  • Cisco Security Manager

Known Affected Releases

3.3(1)QA1.1

Description (partial)

Symptom:
Deployment fails for IOS IPS device (having service module like AIM-IPS) for specific configurations through CSM.
The failure message is given below,
An error response from the device prevented successful completion of this operation.
The device provided the following description: ids-service-module monitoring inline access-list <acl-number>
Either software based IOS IPS feature or an IDS/IPS module can be configured on a router at the same time.
Please remove IPS feature configuration in IOS before configuring ids-service-module.

Conditions:
The problem is specific to IOS IPS device having service module like AIM-IPS.
The issue occurs when Interface Rules policy is disabled and IPS module policy is enabled in single step.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.