A while ago I deployed a flexconfig policy that failed. This wiped out my EIGRP config, and also wiped out my default inspection policy (the MPF stuff). I eventually got my EIGRP config back on, but my default inspection was still lost on the device. Today I deployed another flexconfig change, which basically enabled a few bits of inspection on the box (h323 specifically), and I had a problem with the config not being 100% correct. This then put ALL the default inspection policy back onto the firewall. Firepower has pissed me off so much recently with this shit, and I'm looking to see if someone knows why a failed deployment of a flexconfig either removes all of my global policy, or adds all of the global policy in (neither of which I have put in the flexconfig).
No comments:
Post a Comment