I am starting to convert our ASA 5516x over to FTD image. Since we have 12 different sites I have to set up Site-to-Site VPN for connectivity. This is simple and I have it working; however, I am wondering if I can put all the NAT objects into 1 Group instead of doing them individually.
For example I have each NAT rule:
Site 1 VPN to Site 2
Site 1 VPN to Site 3
Site 1 VPN to Site 4
Etc...
I have these as 3 separate NAT rules. Could I just create 1 Group called All_Sites and then place the Objects I created for those sites (which are the subnets) in that main All_Sites group into 1 NAT rule?
Basically saying:
Site 1 VPN to All_Sites
Same goes for my ACP rules. I have each rule for each site. Would be easier and cleaner if I could use that same Object Group called: All_Sites and make 1 ACP rule.
Example of what I would want:
Inside to Outside source internal network to All_Sites
What I am currently doing:
Inside to Outside source internal network to Site2
Inside to Outside source internal network to Site3
Inside to Outside source internal network to Site4
Etc...
I know I could test this, but would need to have an outage window set, and then a backup plan if it fails to put it back. Figure I would ask here first.
Thanks,
Ken~