Cisco Bug: CSCvv34771 - Optimisation while migrating the rules that are zone based but leverage identical parameters.

Last Modified

Oct 02, 2020

Products (1)

  • Cisco Firepower NGFW

Known Affected Releases

2.1(2)

Description (partial)

Symptom:
After the migration is performed using the FMT from ASA, the policy deployment on the FTD fails with the error message "Cannot parse the access rules -170".

Deleting a few rules and deploying again might make the deployment successful.

Conditions:
The issue is seen under the following specific conditions:

1. A high number of port-based rules where multiple ports are configured in each rule.
2. Zones and Source network parameters are used as differentiating factors while the destination object in-network and ports remain the same.