Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASDM _ref ACL Entries

Can someone explain to me how ASDM handles the _ref ACL entries, it appears to me that it will create them automatically, and sometimes replace my original entry with _ref appended. For instance if I create an ACL sql_servers and then later make changes it appears to create an ACL sql_servers_ref, and then I end up with two ACL's. This gets a little annoying. How should I handle this??


Re: ASDM _ref ACL Entries

ASDM has a paradigm of real object-groups XXX and mapped object-groups XXX_ref.

The real object-group XXX is created via ASDM GUI. When a real object-group is used in ACL, ASDM automatically calculates the required translations and creates and uses XXX_ref in the ACL.

When configuration is parsed by ASDM, it check that all XXX and XXX_ref are is sync because the relationship might be broken if user changes them via CLI.

New Member

Re: ASDM _ref ACL Entries

I have come across the same problem that is annoying the management and they wanted a solution to remove these mapped object-group entries. Is this a feature in the ASDM or a bug? Will the ACL still work if I remove these mapped object-groups completely from the CLI or do I ignore them and redo the ACL's from the CLI?

CreatePlease login to create content