Coder Social home page Coder Social logo

Comments (7)

rayterrill avatar rayterrill commented on June 2, 2024 2

@justjais thank you sir!

from cisco.asa.

justjais avatar justjais commented on June 2, 2024 1

@rayterrill Thanks for the update, and there's already an issue open wrt to the observed behavior, plz ref: #56.

I'll try to add the feature fix soon :)

from cisco.asa.

justjais avatar justjais commented on June 2, 2024

@rayterrill can u plz share the output of show version from your ASA device, as I have tested the scenario in ASA 9.12(3) and it's working as expected for me.

from cisco.asa.

rayterrill avatar rayterrill commented on June 2, 2024 
Cisco Adaptive Security Appliance Software Version 9.10(1)30 <context>
Firepower Extensible Operating System Version 2.6(1.156)
Device Manager Version 7.13(1)

Compiled on Tue 10-Sep-19 09:18 PDT by builders

PDXASA up 244 days 7 hours
failover cluster up 247 days 23 hours

SSP Slot Number: 1  

Hardware:   FPR4K-SM-36, 230649 MB RAM, CPU Xeon E5 series 2300 MHz, 2 CPUs (72 cores)

Encryption hardware device : Cisco FP Crypto on-board accelerator (revision 0x1)
                             Boot microcode        : CN35x-MC-Boot-0001
                             SSL/IKE microcode     : CNN35x-MC-SSL-0014
                             IPSec microcode       : CNN35x-MC-IPSEC-0005
                             Number of accelerators: 2

4099: Int: Internal-Data0/0    : address is 0015.a500.01bf, irq 11
4101: Int: Internal-Data0/1    : address is 0015.a500.01ff, irq 5
4102: Int: Internal-Data0/2    : address is a201.0000.0002, irq 0
4103: Int: Internal-Data0/3    : address is 0000.0001.0003, irq 0

License mode: Smart Licensing

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      
Maximum VLANs                     : 1024           
Inside Hosts                      : Unlimited      
Failover                          : Active/Active  
Encryption-DES                    : Enabled        
Encryption-3DES-AES               : Enabled        
Security Contexts                 : 90             
Carrier                           : Disabled       
AnyConnect Premium Peers          : 20000          
AnyConnect Essentials             : Disabled       
Other VPN Peers                   : 20000          
Total VPN Peers                   : 20000          
AnyConnect for Mobile             : Enabled        
AnyConnect for Cisco VPN Phone    : Enabled        
Advanced Endpoint Assessment      : Enabled        
Shared License                    : Disabled       
Total TLS Proxy Sessions          : 15000          
Cluster                           : Enabled        


Failover cluster licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      
Maximum VLANs                     : 1024           
Inside Hosts                      : Unlimited      
Failover                          : Active/Active  
Encryption-DES                    : Enabled        
Encryption-3DES-AES               : Enabled        
Security Contexts                 : 100            
Carrier                           : Disabled       
AnyConnect Premium Peers          : 20000          
AnyConnect Essentials             : Disabled       
Other VPN Peers                   : 20000          
Total VPN Peers                   : 20000          
AnyConnect for Mobile             : Enabled        
AnyConnect for Cisco VPN Phone    : Enabled        
Advanced Endpoint Assessment      : Enabled        
Shared License                    : Disabled       
Total TLS Proxy Sessions          : 15000          
Cluster                           : Enabled        


Serial Number: FLM2150002M
Configuration last modified by user at 14:18:18.969 PDT Mon Jun 29 2020

from cisco.asa.

justjais avatar justjais commented on June 2, 2024

@rayterrill Thanks for pasting the output, can you please test the scenario again with Ansible 2.9.10 and verify if you're still seeing the issue.

from cisco.asa.

rayterrill avatar rayterrill commented on June 2, 2024

@justjais it did indeed work when upgraded to Ansible 2.9.10. Unfortunately that was just a test to get to asa_acls which is what I'm really after.

Updated my playbook to the following (stolen from https://www.ansible.com/blog/ansible-security-automation-resource-modules):

---
- hosts: asa
  gather_facts: false
  collections:
   - cisco.asa

  tasks:
  - name: Gather facts
    asa_acls:
      state: gathered
    register: gather
  - name: output data
    debug:
      vars: "{ gather }}"

That's failing with:

The full traceback is:
Traceback (most recent call last):
  File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 102, in <module>
    _ansiballz_main()
  File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.cisco.asa.plugins.modules.asa_acls', init_globals=None, run_name='__main__', alter_sys=True)
  File "/usr/lib/python3.6/runpy.py", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py", line 1238, in <module>
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py", line 1233, in main
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py", line 88, in execute_module
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py", line 54, in get_acls_facts
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/facts.py", line 59, in get_facts
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/facts/facts.py", line 128, in get_network_resources_facts
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 70, in populate_facts
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 457, in render_config
  File "/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py", line 216, in populate_source_destination
ValueError: 'any' is not in list
fatal: [10.99.6.1]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 102, in <module>\n    _ansiballz_main()\n  File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 94, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/user/.ansible/tmp/ansible-local-23293igh_syau/ansible-tmp-1594768247.3244836-23300-246461498837720/AnsiballZ_asa_acls.py\", line 40, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.cisco.asa.plugins.modules.asa_acls', init_globals=None, run_name='__main__', alter_sys=True)\n  File \"/usr/lib/python3.6/runpy.py\", line 205, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib/python3.6/runpy.py\", line 96, in _run_module_code\n    mod_name, mod_spec, pkg_name, script_name)\n  File \"/usr/lib/python3.6/runpy.py\", line 85, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py\", line 1238, in <module>\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/modules/asa_acls.py\", line 1233, in main\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py\", line 88, in execute_module\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/config/acls/acls.py\", line 54, in get_acls_facts\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/facts.py\", line 59, in get_facts\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/facts/facts.py\", line 128, in get_network_resources_facts\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 70, in populate_facts\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 457, in render_config\n  File \"/tmp/ansible_asa_acls_payload_xxsgr3_x/ansible_asa_acls_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/facts/acls/acls.py\", line 216, in populate_source_destination\nValueError: 'any' is not in list\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}

from cisco.asa.

justjais avatar justjais commented on June 2, 2024

Closing the issue as it's duplicate of #56

from cisco.asa.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.