Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

deleting access list, ASDM delete route

I had a problem when i deleted an access-list. The GUI interface is deleting me de route associate whith the IP invoved in the access-list. This is the output in my syslog server when i deleted the ACL:

Dec 5 16:24:21 192.168.157.1 : %PIX-5-111008: User 'jvega' executed the 'no route genesis 10.252.252.128 255.255.255.192 192.168.157.4 1' command.

Dec 5 16:24:21 192.168.157.1 : %PIX-5-111008: User 'jvega' executed the 'no access-list Desa_access_in extended permit tcp host 10.251.251.18 10.252.252.128 255.255.255.192 eq 21' command.

Thank's for your help

3 REPLIES
Bronze

Re: deleting access list, ASDM delete route

No, it is expected result. If you remove any access-list especially which was created to allow/permit traffic from particular destination, then the basic characterisitic of firewall comes into effect that is by default all the traffic from the outside networs blocked.

Community Member

Re: deleting access list, ASDM delete route

Cisco might label it a feature, but we users call it a bug. All Cisco's GUI configuration tools have similar problems... they get a little sloppy about deletions and changes. As a general rule, don't use a GUI for simple tasks. And always inspect what the tool wants to send to your router *before* it send it.

(In Cisco's defense, the tools usually warn you when it's going to do far more than you just asked it to.)

Community Member

Re: deleting access list, ASDM delete route

Ok, thank's for your help...you are right, this is a bug and the GUI interface is the problem. When i use CLI's i never have problems. May be the bug that i am hitting is CSCsg05431 bug id.

Regards.

122
Views
0
Helpful
3
Replies
CreatePlease to create content