04-16-2020 11:30 AM - edited 04-16-2020 11:50 AM
Is there a way in FMC to copy access rules from an ACP and paste those in another ACP which is already loaded with access rules and applied to an FTD. Actually, will have to 2-3 migrations of ASAs to FTD but at different time frames. So, at last need to have all consolidated as one ACP. Tried inheritance policy option but can't modify the copied rules.
FMC-ver-6.4.04
04-16-2020 08:17 PM
04-17-2020 12:07 AM
Thanks for your reply.
Does FMC offers an API to perform this?
04-17-2020 06:28 PM
04-19-2020 03:37 AM
Thanks. I am still a new learner with APIs but will give a try.
04-16-2020 11:14 PM
It's not supported - even in FMC 6.6.
If you use CDO management, it is quite easy to do. However CDO cannot (currently) manage a device that is also FMC-managed.
CDO uses the API to interact with managed devices along the lines @Francesco Molino was referring to.
04-17-2020 12:05 AM
09-22-2020 01:30 AM
Hi Narayan,
We have created a python script for achieving the same. Please check if it's helpful in you case.
05-11-2021 07:48 AM - edited 05-11-2021 07:54 AM
the New version 6.7.0 can do the copy from ACP to another ACP or from Prefilter Policy to another Prefilter Policy
"Copy and move rules between access control and prefilter policies"
https://www.cisco.com/c/en/us/td/docs/security/firepower/670/relnotes/firepower-release-notes-670/features.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide