Guest

Preview Tool

Cisco Bug: CSCvi18509 - Default DNS flexconfig doesn't work without edits

Last Modified

Jun 19, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco FirePOWER Appliance 8120
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 7050
  • Cisco FirePOWER Appliance 8360
  • Cisco Firepower Management Center 2500
  • Cisco AMP 7150
  • Cisco AMP 8150
  • Cisco FirePOWER Appliance 8140
  • Cisco FirePOWER Appliance 8350
View all products in Bug Search Tool Login Required

Known Affected Releases

6.2.0 6.2.1 6.2.2 6.2.3 6.2.3.2

Description (partial)

Symptom:
On FTD you're unable to configure DNS anywhere in the GUI, so you must use flexconfig.  The built-in flex config object designed to assist users contains incorrect variable references.

dns-guard 
 #if ( $dnsParameters.get(3) != "" ) 
 dns domain-lookup $dnsParameters.get(3)  <--Should reference an interface variable, not a variable in dnsParameters
 #end 
 ### 
 dns server-group DNS-1 
 #if ( $DNSParameters.get(0) != "" ) 
 retries $dnsParameters.get(0) 
 #end 
 #if ( $dnsParameters.get(1) != "" ) 
 timeout $dnsParameters.get(1) 
 #end 
 #if ( $dnsParameters.get(2) != "" ) 
 domain-name $dnsParameters.get(2) 
 #end 
 ### 
 #foreach ( $server in $dnsNameServerList ) 
 #if ( $dnsParameters.get(3) != "" ) 
 name-server $server $dnsParameters.get(3)  <--"$dnsParameters.get(3)" is unneeded
 #end 
 #end

Conditions:
Attempting to configure DNS on FTD using the built-in DNS_Configure flexconfig object.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.