Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Changes to ZFW, requiers reload to take effect, really?


I'm relativily new to the IOS ZFW, and have spend a lot of time to figure out why my configs didn't work, and by mistake a router reloaded and every thing worked perfectly.

My question is, is it really nessary to reload every time you make a small change/addition to e.g.. a class-map?

I've tried to remove and re-apply the zone-member on the interfaces, and do shut and no shut, but only reload works.

Another way than reload is appreciated.

Regards, Jorgen Dam

Everyone's tags (1)
Cisco Employee

Re: Changes to ZFW, requiers reload to take effect, really?

No, you do not need a reload.

Sometime while configuring you might see some conns fall into a session of ZBF that is not the right one (you were still configuring). So clearing the inspected sessions in ZBF could also help.

But in general it is not very common to use the clear or reboot the router for ZBF to take effect.

You would need to check the logs while in the broken state to see what ZBF was doing.

I hope it helps.


New Member

Re: Changes to ZFW, requiers reload to take effect, really?

Thanks pkampana,

But there was indeed a bug in the IOS. Here is the reponse from Cisco TAC:

"You are hitting a well-known software bugs with the ID: CSCte85909 ZBF: Changes in nested class-maps do not take effect until reload, so upgrading 15.0(01)M2.7 should solve the problem."

I upgraded to version 15.1T and every thing workd the way it should.