Guest

Preview Tool

Cisco Bug: CSCvs76356 - [ENH] 'merge-dacl' command should be available in FlexConfig

Last Modified

Apr 14, 2020

Products (1)

  • Cisco Firepower NGFW

Known Affected Releases

6.4.0.4

Description (partial)

Symptom:
In ASA it is possible to merge DACL with additional ACEs applied as additional RADIUS attributes by issuing the following command:

(config-aaa-server-group)# merge-dacl ?

aaa-server-group mode commands/options:
  after-avpair   The downloadable ACL will be placed before after the Cisco
                 AV-Pair ACL
  before-avpair  The downloadable ACL will be placed before the Cisco AV-Pair
                 ACL

Currently FTD Flex-config does not allow it

Conditions:
AAA for instance on ISE with configured policy results utilizing DACL and av-cisco attributes with additional ACEs
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.