Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CSM 3.3.1 - deployment bug? after installing SP1&SP2

Hi all,

I've recently installed CSM 3.3.1 with SP1 and SP2 and I've encountered quite serious (for me) problem. Has  anyone met strange situations after installing service packs?

When I discover new device (i.e. router with 15.1 ios version) and make changes in ZBF policy, CSM deploys new configuration and everything seems to be fine. I must stress that only seems.

When for example I want to make only small changes to that device (by adding new username ans password) I make "preview configuration" and I see that CSM deletes part of ZBF policy - 10 of 12 zone-pair. For example for some reasons manager makes "no service-policy ...." in zone-pair. When I do another "preview configuration" (after adding another username) it deletes those empty zone-pairs. I thoung maybe naming doesn't suit it and I need to recreate all policy through CSM - nooooo. It did not help. Still it tried to delete some of policy.

Even when I created all ZBF policies from CSM Ive got situation when in one preview config it removes security-policy from zone-pair and after deployment in second preview it adds these security-policies to previous zone-pair. Its happaning in a  loop.

Or another strange behaviour is when I add new username it does sth like this:

In "preview configuration" there is

policy-map type inspect CSM_ZBF_POLICY_MAP_1
no class class-default
class class-default

    drop

while in GUI in CSM there is action inspect defined.

I've looked through bugtool, but with no success, so need any help.

regards

4 REPLIES
New Member

Re: CSM 3.3.1 - deployment bug???

I've tested 3.3.1 version without any SP and I haven't seen described issues.

Can anyone who had the chance to work with CSM confirm it? Right now there is only one conclusion for me - to open the TAC case, but as a last resort

regards

Cisco Employee

Re: CSM 3.3.1 - deployment bug???

Hello

did you sort this out already?

If not can you send me the configuration so I can try in my lab? At first glance it looks like a bug, so you might want to open a TAC case so we can log one

Stefano

New Member

Re: CSM 3.3.1 - deployment bug???

hi,

thx for interest,

I didn't open the TAC case casue I didn't have much time for it, however the issue is resolved. It occured that SP2 to CSM was problematic. Right now I've got 3.3.1 version with SP1 and everything works just fine. To make sure that it was it, I installed then SP2 and the problem started again.

I don't have configuration saved but actually there wasn't much of it. It was a fresh system and only 1 or 2 devices ware added so I suppose it should be easy to restore the situation.

if you got any new info please let me know

regards

Przemek

Cisco Employee

Re: CSM 3.3.1 - deployment bug???

sure

429
Views
0
Helpful
4
Replies