Solved: Firepower FTD flexconfig for Transparent mode bpdu access-list

AIN UL BADAR · ‎01-09-2022

Hello,

I'm trying to create flexconfig for ether-type access-list but it's failing. I followed the instruction of creating the FlexConfig object with the following ACL, but it's failing.

access-list permit-bpdu ethertype trust bpdu
access-group permit-bpdu in interface <if-name>

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/transparent_or_routed_firewall_mode_for_firepower_threat_defense.html#id_90253

I created the Flex object but I always Lina Unsupported error message.

Looking for guidance how to deploy the flexconfig for the above mentioned ACL.

Thanks

Mohammed al Baqari · ‎01-10-2022

Hi,

Can you go to CLISH and from their execute the command debug config all.
Then deploy the changes and share the output from CLI to see what its
failing.

**** please remember to rate useful posts

View solution in original post

Mohammed al Baqari · ‎01-10-2022

Hi,

Can you go to CLISH and from their execute the command debug config all.
Then deploy the changes and share the output from CLI to see what its
failing.

**** please remember to rate useful posts

AIN UL BADAR · ‎01-10-2022

Thanks for the hint @Mohammed al Baqari , when I enabled the debug "debug config-cli 255" I figured out it was the interface name that wasn't matching for some reason. I corrected, and FTD took the config.

Appreciate your help.

Ain