18 Posts
0
4102
X1000 Series Switch: Error loading config with access-list
Hi,
I have several switches of the X1000 series and with all of them I can't load a previously backed up configuration into the switch when the configuration contains a custom access-list.
Firmware Version: 3.0.1.1
Reproduced on an X1018
How to reproduce:
1. Create a configuration with access-list
Menu Switch Management > Management Security > Access Profiles and Rules
Click Edit
Click Add
Access Profile Name: New Profile
Access Profile Name: ssh_https
Rule Priority Name: 1
Management Method: HTTPS
Action: Permit
Click Ok
Click Add
Access Profile Name: Select "ssh_https"
Rule Priority Name: 2
Management Method: SSH
Action: Permit
Click Ok
Click Add
Access Profile Name: Select "ssh_https"
Rule Priority Name: 3
Management Method: All
Action: Deny
Click Ok
Click Gear (top right)
Access Profile Name: ssh_https
Click Ok
2. Back up / Export the configuration
Menu Switch Management > File Update and Backup > Backup Files
Click Edit
Transfer File Name: Running Configuration
Backup Method: HTTP
Click Ok
Download the configuration file
The downloaded configuration file now contains lines these lines:
[...] management access-list ssh_https permit service https permit service ssh deny [...]
3. Upload the configuration again
Menu Switch Management > File Update and Backup > Update Firmware / Configuration
Click Edit
File Type: Configuration Download
Update Method: HTTP
Source File Name: select the configuration file downloaded perviously
Destination File Name: Running Configuration
Click OK
Now a popup box with this error appears:
Error encountered in copy operation: Copy: Error in configuration download Line: 23 Command: permit service https
The same error appears when trying to upload the configuration through SSH.
The error disappears when you remove the section with the access-list and the "permit"-commands from the file.
I guess that the firmware has a problem parsing the access-list entries. Please investigate.
Thanks.
gvegidy
18 Posts
0
August 9th, 2019 03:00
Although there is no mention of this in the release notes, this issue is solved with firmware v3.0.1.2.
DELL-Josh Cr
Moderator
Moderator
•
8.7K Posts
0
February 27th, 2019 10:00
Hi,
Can you Private message me the service tag?
gvegidy
18 Posts
0
February 28th, 2019 04:00
I just sent the service tag in PM as requested.
Were you able to reproduce the problem as described?
DELL-Josh Cr
Moderator
Moderator
•
8.7K Posts
0
February 28th, 2019 08:00
It has been escalated. I am not sure of the status beyond that.
gvegidy
18 Posts
0
March 19th, 2019 04:00
DELL-Josh Cr
Moderator
Moderator
•
8.7K Posts
0
March 19th, 2019 11:00
I believe we were able to reproduce it, however I do not have an update on the release of future firmware to resolve it.