Cisco Bug: CSCvv95693 - ENH : Support to detect DACL's duplicate name based and port based entries by ISE
Oct 09, 2020
- Cisco Identity Services Engine
Known Affected Releases
Symptom:
The ISE check DACL syntax feature fails to detect duplicate entries when one access-list entry is port based and the other is name based. The switch or other network device may then drop the connection due to invalid syntax that the ISE check failed to detect.

permit udp any any eq 53
permit udp any any eq domain
>> No error seen, ISE says it's valid DACL.

permit udp any any eq 53
permit udp any any eq domain
ISE throws error: duplicate entries found

Conditions:
Enter both name-based and port-based ACL entries in the DACL, and ISE will consider it valid.

permit udp any any eq 53
permit udp any any eq domain
>> No error seen, ISE says it's valid DACL.
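One way to pre-check a DACL for the duplicate described above before it is pushed to a device, as an added example (not Cisco's or ISE's code): it maps port keywords to their numbers before comparing entries. The function names are hypothetical, and the keyword table is an assumed partial subset of IOS port names that should be extended for the target platform.

```python
# Subset of IOS port keywords shared by TCP/UDP ACEs (assumption: not exhaustive;
# some keywords are protocol specific on real devices).
PORT_NAMES = {
    "ftp-data": 20, "ftp": 21, "telnet": 23, "smtp": 25, "domain": 53,
    "bootps": 67, "bootpc": 68, "tftp": 69, "www": 80, "pop3": 110,
    "ntp": 123, "snmp": 161, "snmptrap": 162, "bgp": 179, "syslog": 514,
}
PORT_OPERATORS = {"eq", "neq", "gt", "lt", "range"}

def normalize_ace(line):
    """Return a canonical token tuple for one ACE, port keywords mapped to numbers."""
    out, in_ports = [], False
    for tok in line.lower().split():
        if tok in PORT_OPERATORS:
            in_ports = True            # following tokens are port operands
        elif in_ports and (tok.isdigit() or tok in PORT_NAMES):
            tok = str(PORT_NAMES.get(tok, tok))
        else:
            in_ports = False           # address, flag or option ends the port list
        out.append(tok)
    return tuple(out)

def find_duplicates(dacl_text):
    """Return (first_line, duplicate_line, text) for ACEs equal after normalization."""
    seen, dups = {}, []
    for lineno, raw in enumerate(dacl_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("!", "remark")):
            continue                   # skip blanks and comments
        key = normalize_ace(line)
        if key in seen:
            dups.append((seen[key], lineno, line))
        else:
            seen[key] = lineno
    return dups

# First two entries are the ones from the bug report; the third is constructed.
SAMPLE_DACL = """permit udp any any eq 53
permit udp any any eq domain
permit ip any any"""

if __name__ == "__main__":
    for first, dup, text in find_duplicates(SAMPLE_DACL):
        print(f"line {dup} duplicates line {first}: {text}")
```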