Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

class-map type inspect match access-group name question

I'm creating a zone base firewall solution and all appears to be fine until I create a class-map type inspect match-all or any

and match access-group name acl to match an extended ACL and once I match it the commands runs but when I go back to view the configuration of the class-map it is not there. 

 

I have tried other named ACLs and it works if the ACL contents are simple like permit ip any any but for complex ACLs with ranges, tcp, udp, icmp etc etc it does not take it but  it does not report an issue either and when I view the config its not there for the complex extended acl but for the simple extended acl it does show.

 

Any restrictions or possible bugs I'm running into?

Thanks for all looking

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Green

Ah yes, that would do it. 

Ah yes, that would do it.  But you didn't mention that in your original post which is why its always good to provide the configuration you are working with in the post ;-)

Glad you got it sorted

--

Please remember to select a correct answer and rate helpful posts

--

Please remember to rate and select a correct answer
4 REPLIES
VIP Green

This could be a bug.  Could

This could be a bug.  Could you post the exact configuration you are trying to implement?  I just set up a small test and I have been unable to reproduce what you are seeing.  I would like to see if I get the same result using your config. 

--

Please remember to select a correct answer and rate helpful posts

--

Please remember to rate and select a correct answer
New Member

Hi Marius,I tried to carry

Hi Marius,

I tried to carry out this same config on a router running 15.x code and the message I got back is

access-lists with 'log' keyword are not supported so I removed the log from the acl and it worked fine.

 

Thanks for the reply back.

Regards,

Juan

 

VIP Green

Ah yes, that would do it. 

Ah yes, that would do it.  But you didn't mention that in your original post which is why its always good to provide the configuration you are working with in the post ;-)

Glad you got it sorted

--

Please remember to select a correct answer and rate helpful posts

--

Please remember to rate and select a correct answer
New Member

Thank you for your time.

Thank you for your time.

96
Views
0
Helpful
4
Replies
CreatePlease login to create content