Cisco Bug: CSCur25021 - ASDM command exec order - old object should always be removed first
Sep 17, 2019
- Cisco Adaptive Security Device Manager
Known Affected Releases
Symptom: ASDM generates commands in the wrong order when deleting a network/service object or network/service group, then creating an object of a different type with the same name. ASDM generates add commands first, then the "no" commands, which causes the add commands to fail. For example, if you have an network object "objX" that is used in an ACL and want to change it to an object group, ASDM generates the following commands: object-group network objX network-object host x.x.x.x access-list trust_access_in_1 line 1 extended permit ip object-group objX any no access-list trust_access_in_1 line 2 extended permit ip object objX any no object network obj10 All of the commands except the last one fail. Conditions: Deleting a network/service object or group and creating an object of another type with the same name in one transaction.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases