cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
235
Views
0
Helpful
4
Replies

Bulk Network object addition on Cisco FMC

Nikhil5
Beginner
Beginner

Hello Team,

We have got a request from our client to add a security policy on the Cisco FTD(4115). The security policy has 800 Network objects(IP addresses and subnets) in the target field. 

We are not sure how this will work because the firewall is managed by the Cisco FMC so we don't have CLI access to it. Everything is to be done via FMC GUI.

Could someone advise how we can achieve this with minimal effort?

 

4 Replies 4

Rob Ingram
VIP Master VIP Master
VIP Master

Hi Rob, thank you for your response. 

We are running FMC code version 6.6.1 so we cannot use the bulk upload feature. However, let us try the python scripting if that works.

 

Marvin Rhoads
VIP Community Legend VIP Community Legend
VIP Community Legend

I'd also check on the rationale for this large list. I have seen clients wanting to import what they used on an old firewall for public IP blacklist addresses. That content and feature is generally much better addressed via the use of Cisco's Security Intelligence feeds which are automatically updated every 2 hours by default.

Hi Marvin, thanks for your response. I did notice the security intelligence feature where we can upload IP lists to blacklist or whitelist IP addresses, but there is no way we can permit those IPs from the specific host address. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers