Cisco Support Community

AAA acls on FWSM

Hi, my customer has a problem on an FWSM.

He uses a script to manage his acls.

access-l mode manual

no access-l inside_auth_acl

access-l inside_auth_acl deny <whatever_to_deny >

access-l inside_auth_acl permit ip any any

access-l commit

After manually committing an AAA ACL, the ACL is not effective anymore; it is disabled and not working. Only after re-applying the statement "aaa authentication match...." is it working again.

CCO states that authentication ACLs are always committed automatically and manual commit does not work.

But does this mean that when doing a manual commit, the ACL becomes disabled and has to be re-applied again? Customer claims that this was ok with

Now the question is if this is a bug or working as designed.

Regards Guenther


Re: AAA acls on FWSM

To further look into this problem, can you send me the output of show tech and a full example of what changes are made? Can you also send the console output, if received, that indicates that the access-list is "disabled"?
