We update fwsm acl's by editing textfiles (partial automatically) (with 'clear configure access-list <>' in the top and 'access-list commit' in the bottom)and then tftp'ing them to the fwsms. However scripting this process with 'Expect' has caused the active fwsm to now and then partially freeze on the management access (normal traffic ok)(Configuration update in progress by another process....) with no recover except forced failover and reload. ACL size has no influence apparantly. The problem has not occured when doing it manually:
copy tftp run
Any ideas for a fix ? And what is best practice for acl updates (~ 55 same security level interfaces in single mode) I don't think asdm is the solution.