03-27-2023 07:03 AM
I can't find anywhere on the FMC on how to update this. Can't find any documentation either.
Solved! Go to Solution.
03-27-2023 07:29 AM
@CiscoPurpleBelt that's just the generic name from the CLI. From the FMC you've assigned an ACP with a more friendly name.
03-27-2023 07:08 AM
@CiscoPurpleBelt you just need to make the change on the Access Control Policy from the FMC.
03-27-2023 07:20 AM
Sorry I don't think Im following. I don't see anything under Policies > Access Control named CSM_ or anything. What exactly should I be looking at?
03-27-2023 07:29 AM
@CiscoPurpleBelt that's just the generic name from the CLI. From the FMC you've assigned an ACP with a more friendly name.
03-27-2023 08:01 AM
Ok I see.
03-27-2023 08:21 AM - edited 03-27-2023 08:37 AM
Could it be either a pre-filter or normal ACL? Basically how do I know what the actual name of the rule is? Based on below, actual name would be Test_Rule correct?
e.g.
Phase: 5
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group CSM_FW_ACL_ global
access-list CSM_FW_ACL_ advanced permit ip any any rule-id 270441600
access-list CSM_FW_ACL_ remark rule-id 270441600: ACCESS POLICY: FTDX -Local-Sensor_ACP - Mandatory
access-list CSM_FW_ACL_ remark rule-id 270441600: L7 RULE: Test_Rule
Additional Information:
This packet will be sent to snort for additional processing where a verdict will be reached
Forward Flow based lookup yields rule:
in id=0xffb4046d30, priority=12, domain=permit, deny=false
hits=20490363, user_data=0x558600, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, ifc=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, ifc=any, vlan=0, dscp=0x0, nsg_id=none
input_ifc=any, output_ifc=any
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide