Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1032
Views
2
Helpful
5
Replies

Edit CSM_FW_ACL_ on Cisco FTD2100?

Go to solution
CiscoPurpleBelt
Level 6
Level 6

‎03-27-2023 07:03 AM

I can't find anywhere on the FMC on how to update this. Can't find any documentation either.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to CiscoPurpleBelt

‎03-27-2023 07:29 AM

@CiscoPurpleBelt that's just the generic name from the CLI. From the FMC you've assigned an ACP with a more friendly name.

View solution in original post

5 Replies 5

Go to solution
Rob Ingram
VIP
VIP

‎03-27-2023 07:08 AM

@CiscoPurpleBelt you just need to make the change on the Access Control Policy from the FMC.

Go to solution
CiscoPurpleBelt
Level 6
Level 6
In response to Rob Ingram

‎03-27-2023 07:20 AM

Sorry I don't think Im following. I don't see anything under Policies > Access Control named CSM_ or anything. What exactly should I be looking at?

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to CiscoPurpleBelt

‎03-27-2023 07:29 AM

@CiscoPurpleBelt that's just the generic name from the CLI. From the FMC you've assigned an ACP with a more friendly name.

Go to solution
CiscoPurpleBelt
Level 6
Level 6
In response to Rob Ingram

‎03-27-2023 08:01 AM

Ok I see. 

0 Helpful

Go to solution
CiscoPurpleBelt
Level 6
Level 6
In response to Rob Ingram

‎03-27-2023 08:21 AM - edited ‎03-27-2023 08:37 AM

Could it be either a pre-filter or normal ACL? Basically how do I know what the actual name of the rule is? Based on below, actual name would be Test_Rule correct?

e.g.

Phase: 5
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group CSM_FW_ACL_ global
access-list CSM_FW_ACL_ advanced permit ip any any rule-id 270441600
access-list CSM_FW_ACL_ remark rule-id 270441600: ACCESS POLICY: FTDX -Local-Sensor_ACP - Mandatory
access-list CSM_FW_ACL_ remark rule-id 270441600: L7 RULE: Test_Rule
Additional Information:
This packet will be sent to snort for additional processing where a verdict will be reached
Forward Flow based lookup yields rule:
in id=0xffb4046d30, priority=12, domain=permit, deny=false
hits=20490363, user_data=0x558600, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, ifc=any
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=any, ifc=any, vlan=0, dscp=0x0, nsg_id=none
input_ifc=any, output_ifc=any

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card