-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[cisco.asa.asa.acls] Error on ACL with object-group(service), object-group(network) and any #187
Comments
@ITZAbacq thanks for raising the issue, I'll triage the issue from my end and update you more on this asap! |
Hello! Cisco ASAv version: Cisco Adaptive Security Appliance Software Version 9.16(4)19 OS - CentOS Stream release 8 ansible [core 2.12.7] ansible-galaxy collection list | grep asa error: config:
Thanks! |
@Starican |
@ITZAbacq Thanks! |
No, I'm using http-api. Rest-API is not available for asav. |
@ITZAbacq Thanks for URL. Reading... test.asa#sh ver Cisco Adaptive Security Appliance Software Version 9.16(4)19 Compiled on Wed 19-Apr-23 19:27 GMT by builders test.asa up 63 days 19 hours Hardware: ASAv, 4096 MB RAM, CPU Clarkdale 3399 MHz, |
Yeah but it's not officially supported for my devices. I could install it but I don't want to, as the http-api is far more easy. No need of an agent, so easier updates and it's just CLI-commands, which makes it for me far easier than rest. |
Hi! Then I parse this line with ansible I got this (It's not correct - I understood it): { and I changed config in ansible playbook (It's didn't logical correct, BUT it's working!!! I get ACL on devices without errors) -
|
Hello, I'm new to these modules and I'd like to use the ACL Module to deploy some Rules on 4 Asa Firewalls.
I have some rules which are designed and stored this way:
access-list OUTSIDE extended permit object-group SomeObjectGroupService object-group SomeObjectGroupNetwork any
These rules are getting an error:
Also the module isn't supporting objects, which is very unfortunate, but I can work arount that.
Ansible Info
Collection Info
OS
The Ansible Config is stock.
The asa is running
ASA Version 9.12(4)38
What am I exactly doing?
This leads to the error.
I guess the parsed 'module' doesn't recognize the first object-group properly as an object-group(service), so it takes it as the source, which is actually wrong.
So the output of the parsed is
Or am I doing anything wrong?
Thank you very much.
The text was updated successfully, but these errors were encountered: