Guest

Preview Tool

Cisco Bug: CSCvt62326 - PA/2.1.4266/Multi nested source port range ACL split

Last Modified

Jun 11, 2020

Products (1)

  • Cisco Firepower NGFW

Known Affected Releases

2.1

Description (partial)

Symptom:
Scenario: When the service object is configured with source port and Ip-range is defined in either source or destination port.

Issue: There is no split in the ACL for such service object. All the source port are merged in single group and applied to the parent ACE. Parent ACE also contains other service objects  which don’t have source port defined. Hence source port gets applied to the service objects which don’t have any source port defined.

Conditions:
There is no split in the ACL for such service object. All the source port are merged in single group and applied to the parent ACE. Parent ACE also contains other service objects  which don’t have source port defined. Hence source port gets applied to the service objects which don’t have any source port defined.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.