Guest

Preview Tool

Cisco Bug: CSCup28968 - ASA deletes the wrong rules when ACL optimization is enabled.

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.0 9.1 9.2

Description (partial)

Symptom:
Access-rules entries are deleted on adding or deleting a member in an associated object-group

Conditions:
ACL optimization in enabled.

The affected ACL entry is using an object-group

This message is displayed when adding a member in object-group:

Adding obj to object-group (OBJECT_GROUP_NAME) failed; cause access-list error

Related Community Discussions

ASA 5500-X using ASDM 7.3.101 edit object-group deletes access-list
Hi all,   I have an object-group (OBJ-Customers) with multiple other object-groups (OBJ-client01; OBJ-client02...etc). When I was adding a new object (OBJ-client0Z) to the main OBJ-Customers, every access-list that had OBJ-Customers got deleted.   Now, when I try to add any objects to OBJ-Customers I get an access-list error (file attached), even thow OBJ-Customers is not on any access-list. Plus, I cannot create any new access-list with OBJ-Customers (it dosent error but the access-list just doesn`t ...
Latest activity: Dec 06, 2014
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.