Guest

Preview Tool

Cisco Bug: CSCtd58292 - SSL-Logs are not deployed and discovered properly in CSM for DAP

Last Modified

Nov 10, 2016

Products (1)

  • Cisco Security Manager

Known Affected Releases

4.0(0)QA3

Description (partial)

Symptom:

Deployment shows in delta config
access-list test3 webtype permit url https://info.com log information is deploying as 
access-list test3 webtype permit url https://info.com log 

so when it deploy to device this cli is access-list test3 webtype permit url https://info.com log is converted into access-list test3 webtype permit url https://info.com log emergency ( this is device behaviour)

5.Rediscover without changes
access-list test3 webtype permit url https://info.com log default is discovered as access-list test3 webtype permit url https://info.com log information

6.Redeply without changes
access-list test3 webtype permit url https://info.com log information is changed into access-list test3 webtype permit url https://info.com log emergency

the issue is
From CSM (ie Deploy) : information -> emergency
From mdevice (discovery) : default -> Informatinal

Conditions:

1.Import ASA device
2.Configure DAP policy with Access metnod as "unchanged or Web portal"
3.Assign WebACL with all log options (ref screenshot-test3 and test4)
4.Deploy
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.