Cisco Bug: CSCvv69258 - access-list: FP9300 188.8.131.52ASA missing entries in the object expand after object-group modification
Oct 24, 2020
- Cisco Adaptive Security Appliance (ASA) Software
Known Affected Releases
Symptom: Access list on the ASA with object groups, object groups are having the same content, when we do "show access-list ACL-name" we are not able to see self to self association from the object groups, for example we are not able to see access-list OUTSIDE line 1 extended permit tcp 184.108.40.206 255.255.128.0 220.127.116.11 255.255.128.0 eq 5004 (hitcnt=0) 0x8998ab1b Conditions: Access-list Applied with object groups with same content For example: object-group network Example network-object 18.104.22.168 255.255.255.0 network-object 22.214.171.124 255.255.255.0 network-object 126.96.36.199 255.255.255.0 network-object 188.8.131.52 255.255.255.0 object-group network Example2 network-object 10.0.0.0 255.0.0.0 object-group network all1 group-object Example1 group-object Example2 object-group network all2 description group-object Example1 group-object Example2 access-list OUTSIDE extended permit ip object-group all1 object-group all2 After modifiying the objects, self to self bindings wont appear on the device.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases