Cisco Security Manager 4.2 - Deployment lost rules on firewall

Unanswered Question
Oct 5th, 2011

I have just built a new server running csm 4.2 and migrated my database over to it.

I then did a change to one of our firewalls.

It promptly errored on the deployment of custom services so I had to swap them out for just port numbers.

The next problem was it took a lot of the rules on the external interfaces of the firewalls out.

We have access groups structured as follows.

Top level


Second level (about 50 of these)


Each of these Objects can contain anything from 1 to 100 ip addresses i.e.


It appears that CSM 4.2 has a problem with deploying this sort of stacked object - I am just glad I didn't do this on the production firewalls as they contain thousands of these rules.

I have now switched 4.0.1 back on and reployed the same config from there without any issues.

Can anyone shed any light on this?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)


Login or Register to take actions

This Discussion

Posted October 5, 2011 at 3:35 AM
Replies:0 Avg. Rating:
Views:1148 Votes:0

Related Content

Discussions Leaderboard