- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cisco ASA/PIX/FWSM conversion: Plans to auto-expand DM_INLINE.. Groups ?
Hello,
while 5.4 really looks good,
I am missing an option to automatically expand the implicit address-
and service groups named DM_INLINE... to their members.
These are generated automatically by Cisco GUIs when an admin graphically
adds more than one object in a place/context where the Cisco cli only supports one object.
Fortinet supports multiple object in most of those use cases,
so you could insert the members of an DM_INLINE... group directly
into the converted fortinet config in most cases.
The same applies for configs generated by Cisco Secutity Manaer "CSM_INLINE..." groups.
Regards,
Frank
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This question was recently asked on the Dev alias, fconvert_feedback@fortinet.com, if this wasn't you and you still have this requirement, please contact the alias for details.
Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answers I got look promising ;)
Thanks for your help !
Frank
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Frank,
For the Cisco ASA/PIX/FWSM conversions, we have added an option toward the new browser-based tool(the installer file is *.py.exe).
The option is:
Conversion Options -> Suppress auto grouped items from Cisco ASDM/CSM
This option will automatically replace all network objects, which leading by "DM_INLINE_XXX" or "CSM_INLINE_XXX" prefix, with it's actual members.
Thanks,
Dunxing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Frank,
This feature is available AFTER v5.4.1 GA release.
If you want an interim build for test, please kindly drop a letter to fconvert_feedback@fortinet.com (for external user), or visit Fortinet info site (for internal user) to download v5.5.0 build.
Thanks,
Dunxing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Dunxing,
thanks to Fortinet for implementing that..
this will greatly ease my life in the next migration project...
BR,
Frank