Hello, we recently updgrade CSM to 4.3.0 service pack2 and we figure out that objet are duplicated with _xx when push are perform to FW asa version 8.4.How i can resolve the problem in order to avoid this duplicated objets.
I mentioned that the duplication happens in case You're doin the discovery from the real device. At the time of discovery procedure CSM creates objects in its database with the _x suffix and the same values as in an "old" objects (without _x).
And at the next deploy CSM replaces old objects with a new ones. What I'm doing:
1) copying access-rules policy somewhere
2) discovery from the device device
3) clearing parsed config in Access Rules (deleting rules)
4) pasting rules that were copied earlier.
Result: the config is synchronized between CSM DB and the FW. No new objects are used.
This is a workaround, not a normal situation (otherwords - bug). Do not understand why it's needed to create new objects instead of using existed ones.
P.S. Just opened a case in Cisco TAC: changed the Global ACL (inheritance) for the FW. After that some of rules were missed in real device but existed in CSM DB. Branch was down for 2 hours.. Be aware and do preview config each time making deploy.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :