| Message Code | PIX-4-109030 |
| Severity | Warning |
| Description | Autodetect ACL convert wildcard did not convert ACL access_list source | dest netmask netmask. |
| Explanation | This message is displayed when a dynamic ACL that is configured on a RADIUS server is not converted by the mechanism for automatically detecting wildcard netmasks. The problem occurs because this mechanism could not determine if the netmask is a wildcard or a normal netmask. access_list—The access list that could not be converted source—The source IP address. dest—The destination IP address. netmask—The subnet mask for the destination or source address in dotted-decimal notation. |
| User Action | Check the access list netmask on the RADIUS server for wildcard configuration. If it is meant to be a wildcard, and if all access list netmasks on that server are wildcard then use the wildcard setting for acl-netmask-convert for the AAA server. Otherwise, change the netmask to a normal netmask or to a wildcard netmask that does not contain holes. In other words, where the netmask presents consecutive binary 1's. For example, 00000000.00000000.00011111.11111111 or hex 0.0.31.255. If the mask is meant to be normal and all access list netmasks on that server are normal then use the normal setting acl-netmask-convert for the AAA server. |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.