Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2929
Views
10
Helpful
4
Replies

Transfer Rules from One interface to Another - Cisco ASA

Go to solution
NeWGuy1109
Level 1
Level 1

‎03-11-2021 05:09 AM

I have an ASA with about 8 subinterfaces.. due to a recent requirement the rules in 2 subinterfaces are required to be transferred to a new subinterface..

 

for ex: interface A - 100 rules

Interfaces B - 50 rules 

New Interface C - 100+50 = 150 rules

 

What is the best way i can combine rules from A and B and move them over to C ? 

i read that via access-group command i can copy rules from one to another but isnt it 1 to 1 mapping only ? 

any other way to do this efficiently.

 

Thanks 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Spooster IT Services
Level 7
Level 7

‎03-11-2021 05:21 AM

Hello @NeWGuy1109,

 

That is true, the access-group command is a 1-to-1 mapping and there is no such command to combine two different access-lists to one. Personally, I would recommend copying all the rules to a text editor such as notepad, combine them and paste with a new name. This way you can manage them all separately.

 

***Please mark all helpful responses***

Spooster IT Services Team

View solution in original post

Go to solution
Spooster IT Services
Level 7
Level 7
In response to NeWGuy1109

‎03-11-2021 06:29 AM

@NeWGuy1109 

 

You are copying the "show access-list" output. You need to copy the "show runn access-list" command output that will get rid of these values.

Spooster IT Services Team

View solution in original post

4 Replies 4

Go to solution
Spooster IT Services
Level 7
Level 7

‎03-11-2021 05:21 AM

Hello @NeWGuy1109,

 

That is true, the access-group command is a 1-to-1 mapping and there is no such command to combine two different access-lists to one. Personally, I would recommend copying all the rules to a text editor such as notepad, combine them and paste with a new name. This way you can manage them all separately.

 

***Please mark all helpful responses***

Spooster IT Services Team

Go to solution
NeWGuy1109
Level 1
Level 1
In response to Spooster IT Services

‎03-11-2021 05:58 AM

Thanks for the reply..

 

the only issue with it is that while copying the access rules ..at the very end of each line i am getting these values

(hitcount=2???) 0x????

which are different for each line..any way i can remove these together ?

0 Helpful

Go to solution
Spooster IT Services
Level 7
Level 7
In response to NeWGuy1109

‎03-11-2021 06:29 AM

@NeWGuy1109 

 

You are copying the "show access-list" output. You need to copy the "show runn access-list" command output that will get rid of these values.

Spooster IT Services Team

Go to solution
NeWGuy1109
Level 1
Level 1
In response to Spooster IT Services

‎03-11-2021 06:47 AM

Thanks a lot 

0 Helpful
Customers Also Viewed These Support Documents
Top