Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
3
Replies

FMC conflicts and overlaps

NetworkMonkey101
Level 3
Level 3

‎06-24-2025 11:40 PM - edited ‎07-23-2025 10:24 PM

Hi,

I have exported an ACP from on FMC 2500 onto a blank new FMCv. I have then upgraded the FMCv and plan on migrating that ACP to a newer FMC already in production and migrating two firewalls. 

My issue is when I imported the ACP onto the blank FMCv I have conflict errors. I am unsure what these are and how to resolve them or if they need resolving before exporting and importing again onto the final destination FMC.

 

Are these naming conflicts or something else? As it is a blank FMC i wouldn't of thought that was the case.

How do I resolve?

0 Helpful
3 Replies 3

marce1000
Hall of Fame
Hall of Fame

‎06-25-2025 01:26 AM

 

  - @NetworkMonkey101         FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwp29808

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-25-2025 02:03 AM

The policy analysis conflicts are just highlighting that some of your objects and/or rules have overlaps and are thus not entirely internally consistent. You have the opportunity to analyze them and potentially combine some unless you prefer to keep them as separately defined names for reasons external to the firewall (e.g., to better follow the business logic from a human-readable point of view).

0 Helpful

rovianjaxiel
Level 1
Level 1

‎06-25-2025 02:34 AM

Yes, those conflict errors can still happen even on a blank FMC. Here's why:

Why You’re Seeing Conflicts

  • The ACP you're importing likely has objects (like network, service, or zone objects) that are referencing things that don't exist yet on the new FMC.

  • Some objects might have duplicate names or missing dependencies from the export.

  • Even though the FMC is clean, the ACP still depends on certain settings or objects it used before.

What You Should Do

  1. Check the conflict details on the FMC. It should tell you what objects are causing the problem.

  2. If the object is unused, delete it.

  3. If it’s needed, check if:

    • The name is already in use

    • It’s missing a reference

    • It can be renamed

  4. Try resolving the conflict by either:

    • Renaming the object

    • Creating the missing item manually

  5. Make sure you can deploy the policy on the test FMCv without errors before exporting it to the production FMC.

Final Tip

If you’re unsure, try importing the same ACP into another test FMCv running the same version as production. That way you can catch errors before pushing it live.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card