asa_og: Issue when using state:replace with Port: 80 in port-groups #70518
Labels
affects_2.8
This issue/PR affects Ansible v2.8
asa
Cisco ASA community
bug
This issue/PR relates to a bug.
cisco
Cisco technologies
collection:cisco.asa
collection
Related to Ansible Collections work
module
This issue/PR relates to a module.
needs_collection_redirect
https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md
networking
Network category
python3
support:community
This issue/PR relates to code supported by the Ansible community.
SUMMARY
I have a port 80 in the port group on the firewall. When I send a task with state:replace the port 80 will always be removed from this group. When I send once again the same task, the port 80 will be created in this port group. By next attempt it will be removed, and then created etc. I get no errors from ansible.
I have also tested with other ports and the same problem appears with port 67. Other ports that I have tested seem to work properly (of course, I haven’t tested all possible ports).
The same problem appears when using port range with port 90 (Example: port_range: 80 90).
ISSUE TYPE
COMPONENT NAME
asa_og
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
Centos 7.7
Firewall: ASA 5515
STEPS TO REPRODUCE
I have two tasks: one for creating a port-group with state: present and second to edit a port-group with state: replace. The problem appears when I send a task with state:replace. This task is always going to delete port 80 from port-group.
For example:
In this example, the difference is that I have replaced port 90 with port 91. After executing Task 1, on the firewall is created a port-group with ports: 80 and 90 (there is no problem). After executing Task 2, the group on the firewall will contain only the port 91, the port 80 is deleted.
EXPECTED RESULTS
I expect that port group contains ports: 80, 91
ACTUAL RESULTS
After first execution: port group contains only port 91
After second execution: port group contains ports 80, 91
After third execution: port group contains only port 91
etc.
The text was updated successfully, but these errors were encountered: