Skip to main content
ffischer
ffischer
New Member
February 26, 2018
Question

Cisco ASA/PIX/FWSM conversion: Plans to auto-expand DM_INLINE.. Groups ?

  • February 26, 2018
  • 3 replies
  • 9602 views

Hello,

 

while 5.4 really looks good,

I am missing an option to automatically expand the implicit address-

and service groups named DM_INLINE... to their members.

 

These are generated automatically by Cisco GUIs when an admin graphically

adds more than one object in a place/context where the Cisco cli only supports one object.

 

Fortinet supports multiple object in most of those use cases,

so you could insert the members of an DM_INLINE... group directly

into the converted fortinet config in most cases.

 

The same applies for configs generated by Cisco Secutity Manaer "CSM_INLINE..."  groups.

 

Regards,

Frank

    3 replies

    mickstrick_FTNT
    Staff
    mickstrick_FTNT
    Staff
    March 6, 2018

    This question was recently asked on the Dev alias, fconvert_feedback@fortinet.com, if this wasn't you and you still have this requirement, please contact the alias for details.

     

    Mike

    ffischer
    ffischerAuthor
    New Member
    March 13, 2018

    The answers I got look promising ;)

    Thanks for your help !

     

    Frank

    Dunxing_Zhang_FTNT
    Staff
    Dunxing_Zhang_FTNT
    Staff
    September 18, 2018

    Hello Frank,

     

    For the Cisco ASA/PIX/FWSM conversions, we have added an option toward the new browser-based tool(the installer file is *.py.exe).

     

    The option is:

    Conversion Options -> Suppress auto grouped items from Cisco ASDM/CSM

    This option will automatically replace all network objects, which leading by "DM_INLINE_XXX" or "CSM_INLINE_XXX" prefix, with it's actual members.

     

    Thanks,

    Dunxing

    Dunxing_Zhang_FTNT
    Staff
    Dunxing_Zhang_FTNT
    Staff
    September 18, 2018

    Hello Frank,

     

    This feature is available AFTER v5.4.1 GA release.

    If you want an interim build for test, please kindly drop a letter to fconvert_feedback@fortinet.com (for external user), or visit Fortinet info site (for internal user) to download v5.5.0 build.

     

    Thanks,

    Dunxing

    ffischer
    ffischerAuthor
    New Member
    September 26, 2018

    Hello Dunxing,

     

    thanks to Fortinet for implementing that..

    this will greatly ease my life in the next migration project...

     

    BR,

    Frank

    Terms & ConditionsAccessibility statement