Comments (7)
@justjais thank you sir!
from cisco.asa.
@rayterrill Thanks for the update, and there's already an issue open wrt to the observed behavior, plz ref: #56.
I'll try to add the feature fix soon :)
from cisco.asa.
@rayterrill can u plz share the output of show version
from your ASA device, as I have tested the scenario in ASA 9.12(3) and it's working as expected for me.
from cisco.asa.
Cisco Adaptive Security Appliance Software Version 9.10(1)30 <context>
Firepower Extensible Operating System Version 2.6(1.156)
Device Manager Version 7.13(1)
Compiled on Tue 10-Sep-19 09:18 PDT by builders
PDXASA up 244 days 7 hours
failover cluster up 247 days 23 hours
SSP Slot Number: 1
Hardware: FPR4K-SM-36, 230649 MB RAM, CPU Xeon E5 series 2300 MHz, 2 CPUs (72 cores)
Encryption hardware device : Cisco FP Crypto on-board accelerator (revision 0x1)
Boot microcode : CN35x-MC-Boot-0001
SSL/IKE microcode : CNN35x-MC-SSL-0014
IPSec microcode : CNN35x-MC-IPSEC-0005
Number of accelerators: 2
4099: Int: Internal-Data0/0 : address is 0015.a500.01bf, irq 11
4101: Int: Internal-Data0/1 : address is 0015.a500.01ff, irq 5
4102: Int: Internal-Data0/2 : address is a201.0000.0002, irq 0
4103: Int: Internal-Data0/3 : address is 0000.0001.0003, irq 0
License mode: Smart Licensing
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 90
Carrier : Disabled
AnyConnect Premium Peers : 20000
AnyConnect Essentials : Disabled
Other VPN Peers : 20000
Total VPN Peers : 20000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 15000
Cluster : Enabled
Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 100
Carrier : Disabled
AnyConnect Premium Peers : 20000
AnyConnect Essentials : Disabled
Other VPN Peers : 20000
Total VPN Peers : 20000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 15000
Cluster : Enabled
Serial Number: FLM2150002M
Configuration last modified by user at 14:18:18.969 PDT Mon Jun 29 2020
from cisco.asa.
@rayterrill Thanks for pasting the output, can you please test the scenario again with Ansible 2.9.10
and verify if you're still seeing the issue.
from cisco.asa.
@justjais it did indeed work when upgraded to Ansible 2.9.10. Unfortunately that was just a test to get to asa_acls which is what I'm really after.
Updated my playbook to the following (stolen from https://www.ansible.com/blog/ansible-security-automation-resource-modules):
---
- hosts: asa
gather_facts: false
collections:
- cisco.asa
tasks:
- name: Gather facts
asa_acls:
state: gathered
register: gather
- name: output data
debug:
vars: "{ gather }}"
That's failing with:
The full traceback is:
Traceback (most recent call last):
File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 102, in <module>
_ansiballz_main()
File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.cisco.asa.plugins.modules.asa_acls', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py", line 1238, in <module>
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py", line 1233, in main
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py", line 88, in execute_module
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py", line 54, in get_acls_facts
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/facts.py", line 59, in get_facts
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/facts/facts.py", line 128, in get_network_resources_facts
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 70, in populate_facts
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 457, in render_config
File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 216, in populate_source_destination
ValueError: 'any' is not in list
fatal: [10.99.6.1]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.cisco.asa.plugins.modules.asa_acls', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py\", line 1238, in <module>\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py\", line 1233, in main\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py\", line 88, in execute_module\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py\", line 54, in get_acls_facts\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/facts.py\", line 59, in get_facts\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/facts/facts.py\", line 128, in get_network_resources_facts\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 70, in populate_facts\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 457, in render_config\n File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 216, in populate_source_destination\nValueError: 'any' is not in list\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
from cisco.asa.
Closing the issue as it's duplicate of #56
from cisco.asa.
Related Issues (20)
- Sanity tests failing in cisco.asa HOT 3
- [cisco.asa.asa_ogs] module execution fails on ASA configuration with port range of type <str> (in module coded as <int>) HOT 2
- [cisco.asa.asa_ogs] Incorrect service object groups created (2 instead of 1) HOT 3
- cisco.asa.asa_ogs - unable to create service-objects - invalid input error HOT 7
- [cisco.asa.asa_ogs] Sorting objects groups lead to problems HOT 9
- cisco.asa.asa_command module not working with backup command HOT 10
- ASAv lab not allowing show command abbreviation "sh access-list"
- acls module returning "Unsupported parameters" error HOT 6
- Collection CI related actions needed HOT 1
- asa_config module not switching context in loop HOT 6
- [cisco.asa.asa.acls] Error on ACL with object-group(service), object-group(network) and any HOT 8
- TypeError: 'NoneType' object is not subscriptable with asa_facts
- Show vpn-sessiondb summary returns show version output
- Consider using true/false for all booleans in docs
- cisco.asa 4.0.0 is not completable with ansible.netcommon version 5.0.0
- Not pulling sh running-config using the given cisco.asa module
- The collection bindep is hardcoding python version
- Permission escalating failed when execute command against Cisco firewall HOT 4
- Can't parse object groups if interface has a descrption
- Add Fallback to "terminal length 0" Command for Disabling Terminal Page Limit
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cisco.asa.