Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

LMS 4.2.3 baseline compliance template and standard ACL

When using a baseline compliance template to check and deploy a standard ACL, I encountered what seems to be a bug:

I configured a template with these commands:

+ip access-list standard 21

+; Hosts allowed access

+  permit host 10.20.30.40

+  permit host 40.30.20.10

+  deny any log

When I do compliance check and deployment, the last line is dropped by LMS.

In fact, when I look into the job's "Work Order", the commands are:

ip access-list standard 21

; Hosts allowed access

  permit host 10.20.30.40

  permit host 40.30.20.10

After the job run, "show running-config" shows the access list matching the "Work Order" (without the "deny any log" command.)

Is this a bug?

Everyone's tags (5)
1 REPLY
Cisco Employee

Re: LMS 4.2.3 baseline compliance template and standard ACL

Doesnt have any issues on my Lab 4.2.4. following is the Job Work order :


Name:Archive Mgmt Job Work Order
Summary:General Info
----------------------------------------------------------------------------------------------
JobId: 2704
Owner: admin
Description: test_acl
Schedule Type: Immediate
Job Type: Compliance Check
Baseline Template Name: test_acl
Attachment Option: Disabled
Report Type: NA

Job Policies
----------------------------------------------------------------------------------------------

E-mail Notification: Not Applicable
Job Based Password: Disabled

Device Details
----------------------------------------------------------------------------------------------
DeviceCommands


Sup_2T_6500  ip access-list standard 21
  permit host 10.20.30.40
  permit host 40.30.20.10
  deny any log

10.104.149.180  ip access-list standard 21
  permit host 10.20.30.40
  permit host 40.30.20.10
  deny any log

Check your template, or export it and share, i will try it on my LMS server. also, check the same complaince job on other devices if you have such issues.

-Thanks

Vinod

**Rating Encourages contributors, and its really free. **

-Thanks Vinod **Rating Encourages contributors, and its really free. **
403
Views
0
Helpful
1
Replies
CreatePlease to create content