Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Some group names created in ASDM aren't visible in ASDM afterwards

I am early into the configuration of an ASA 5510 on version 8.3(2) of the OS and 6.3(4) of ASDM.

One oddity I've noticed already is that when I've created Network or Service Groups in ASDM, some of them appear immediately in ASDM and some never do.  Here are two examples of groups that I can see in the text configuration but not in ASDM:

object-group network DM_INLINE_NETWORK_1
group-object BMH_1st_2nd_Fl
group-object BMH_Printers

object-group service DM_INLINE_TCP_1 tcp
port-object eq ftp
port-object eq ftp-data
port-object eq www

The names are similar, so I've wondered if there is something about the names that are causing ASDM to not see them, but the help text for the group name field says to:  "Use characters a to z, A to Z, 0 to 9, a period, a comma, a dash, or an underscore. The name must contain 64 characters or fewer."  My names certainly fall within the scope of what should be considered a legal name.  I created additional groups for testing, with the same object members and they show up fine, e.g.

object-group network BOB

group-object BMH_1st_2nd_Fl
group-object BMH_Printers

object-group service BETSY

port-object eq ftp
port-object eq ftp-data
port-object eq www

Any ideas about what in the original names is causing ASDM grief?

Thanks.

Johnny Lee

Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Some group names created in ASDM aren't visible in ASDM afte

Hi Johnny,

The DM_INLINE objects are custom objects that are automatically created and edited when using things like the Access Rules pane. Because these are automatically managed by ASDM, there is no place to view/edit them (though they will be automatically updated when the rule that references them is changed).

If you want to have direct control over the objects, you'll need to create them with a name other than DM_INLINE_x. These should show up in the Objects pane and you'll be able to edit and re-use them throughout the config. Otherwise, ASDM will transparently manage the DM_INLINE objects.


Hope that helps.

-Mike

5 REPLIES
Cisco Employee

Re: Some group names created in ASDM aren't visible in ASDM afte

Please post this in the ASA section and not in the Wireless forum. Thanks.

New Member

Re: Some group names created in ASDM aren't visible in ASDM afte

Moved the discussion to Security -> Firewalling.  Thanks for the suggestion.

Cisco Employee

Re: Some group names created in ASDM aren't visible in ASDM afte

Hi Johnny,

The DM_INLINE objects are custom objects that are automatically created and edited when using things like the Access Rules pane. Because these are automatically managed by ASDM, there is no place to view/edit them (though they will be automatically updated when the rule that references them is changed).

If you want to have direct control over the objects, you'll need to create them with a name other than DM_INLINE_x. These should show up in the Objects pane and you'll be able to edit and re-use them throughout the config. Otherwise, ASDM will transparently manage the DM_INLINE objects.


Hope that helps.

-Mike

New Member

Re: Some group names created in ASDM aren't visible in ASDM afte

Thanks, Mike.  I wondered if it was something like that, but I didn't find any reference to these names in any of the ASA documentation or on these discussion forums.  I appreciate you taking the time to respond.

Johnny Lee

New Member

it is possible to see the DM

it is possible to see the DM_INLINE object in use. Tools ---> Command Line interface and do a "show run".

I ran into this issue and started overwriting objects, especially when you have more than one Engineer entering rules into the firewall.

Now, I just do a show run, copy the txt and paste into a notepad file and do a search.

Regards,

Juan

4195
Views
5
Helpful
5
Replies
CreatePlease login to create content