New ACE on ASA not matching until edited

Unanswered Question
Jan 3rd, 2008
User Badges:

Hi everybody

I've run into a strange behaviour of different ASAs with different 7.2.2 releases. When I add a new ACE to an ACL it doesn't match. After changeing it from permit to deny and back to permit it matches the traffic. Weird.

Well: Until today I could live with that but now it seems that a customer has run into a similar bug with The rule matches the traffic and after several weeks of regular operation the box starts to drop active sessions after a couple of hours. As the days go by the period after which a session is terminated shortens to some minutes. The work-around is for example to change the logging parameters of the ACE. After that all the sessions keep established as they did before.

Has anybody ever seem somthing similar? Or does anybody now a specific bug Id on that?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion