Cisco Bug: CSCvv34771 - Optimisation while migrating the rules that are zone based but leverage identical parameters.

Last Modified

Oct 02, 2020

Products (1)

  • Cisco Firepower NGFW

Known Affected Releases


Description (partial)

After the migration is performed using the FMT from ASA, the policy deployment on the FTD fails with the error message "Cannot parse the access rules -170".

Deleting a few rules and deploying again might make the deployment successful.

The issue is seen under the following specific conditions:

1. A high number of port-based rules where multiple ports are configured in each rule.
2. Zones and source network parameters are used as differentiating factors while the destination network object and ports remain the same.