Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
218
Views
1
Helpful
2
Replies

ASA to FTD policy migration using tool showing comment..

NetworkMonkey101
Level 1
Level 1

‎08-23-2024 02:43 AM

Hi all,

See the below comment in a few of my policies.. is there something that needs addressing for each of the rules showing this comment?

NetworkMonkey101_0-1724406203251.png

 

0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-23-2024 05:28 AM

Yes since it appears you are using an FQDN in the NAT rule but then telling the rule to also lookup the address to determine which interface to route the traffic out of. You should instead specify the desired interface and then remove the route-lookup option from the rule(s). (or else not use FQDN)

NetworkMonkey101
Level 1
Level 1

‎08-27-2024 05:07 AM

Thanks for your reply. I have around 900 policies and there are 100s of these that need applying. 

Is there a way to bulk change the zones for multiple policies with require the same? 

Is there a way to identify exactly which policies need changing instead of checking the comments for each of the 900 policies?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card