10-28-2012 07:04 AM - edited 03-11-2019 05:15 PM
Hi Experts,
My questing is if I have to Convert Rules (ACL) from Check Point to ASA 8.4 what are my options keeping in mind below
Q 1. Is there any reliable tool available that can use and verify the result?
Q 2. Is there any efficient way to perform this task?
Thanks in advance for consideration
10-28-2012 08:42 AM
Hi,
Sorry can't really comment on the Checkpoint as I've only used Cisco firewall products so far.
But if I understood you correctly you are currently using rules in the Checkpoint that are used for many firewall interfaces and many directions. If this is correct, there is an option in the new ASA software (Think it came in 8.3 already) that lets you configure a single access-list to be used for every single interface on the ASA, and for both directions.
The command format to apply a configured ACL to be used as Global Access-list you would have to use the following command
"access-group
The normal format for per interface/direction would be
"access-group
As I said before, I can't really say anything about Checkpoint so I don't know what its ACL format is like.
I'm also not familiar about any conversion tools but that mostly due to never having any need for such. I'm sure someone else might give you better information about it.
I guess if you can give some example rules you need converted, it would give me or someone else some idea how different the formats are.
- Jouni
10-29-2012 10:37 PM
Hi Jouni,
Thanks for your reply. I think you did not understand my question.
Question is very simple
What is the best tool to convert Check Point to ASA Firewall Rules (if rules are more then 1000)
Most Important what is the method to verifiy all of them on ASA after conversion if they have Migrated 100% ?
Would be great if any expert can comment on that
Regards
01-02-2014 01:32 AM
Here is the new self-service tool that Cisco has released to convert to any vendor firewalls to Cisco ASA.
Currently it supports Juniper ScreenOS and CheckPoint to Cisco ASA conversion.
Link to the original post:
Link to the tool itself:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide