Mapping NAT and Access Control dialogs between FDM and ASDM

ovalpiston
Level 1

I've got a working configuration on my old ASA 5505 with ASDM, and I'm trying to replicate it on my FDM.

I started with doing field mapping, but I think I'm missing some mapping fields.

Can someone help fix/add-to my mappings?

1 Reply

Marvin Rhoads
Hall of Fame

The zones in the FDM GUI for Access Control Policy add to what in the ASA configuration links an ACL with an interface.

Look at your ASA CLI config for the command "access-group". That links a given ACL with an interface, usually in the "in" direction, i.e., as an inbound ACL. In Firepower we define both a source and destination zone and assign interfaces (or interface groups) to zones.

Also, in Firepower there is no concept of security levels. Instead all traffic is allowed unless explicitly denied. That's why we usually add a default rule of block all traffic - as an explicit deny.
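As an added example (not part of the original thread), the sketch below reads the `access-group` lines from an ASA configuration and reports which side of a zone-based rule each binding constrains: an inbound ACL on an interface fixes the source zone, an outbound ACL fixes the destination zone. The sample configuration is constructed, and the `<nameif>_zone` naming and the `zone_for` and `map_access_groups` helpers are assumptions for illustration.

```python
import re

# Constructed sample ASA configuration lines (not from the original post).
SAMPLE_ASA_CONFIG = """\
access-list outside_in extended permit tcp any host 192.0.2.10 eq 443
access-list outside_in extended deny ip any any
access-list inside_out extended permit ip 10.0.0.0 255.255.255.0 any
access-group outside_in in interface outside
access-group inside_out out interface outside
access-group global_acl global
"""

ACCESS_GROUP = re.compile(
    r"^access-group\s+(?P<acl>\S+)\s+"
    r"(?:(?P<dir>in|out)\s+interface\s+(?P<ifc>\S+)|(?P<glob>global))\s*$")
ACL_ENTRY = re.compile(r"^access-list\s+(?P<acl>\S+)\s+extended\s+(?P<rule>.+)$")


def zone_for(nameif):
    # Assumption: one zone per ASA nameif, named "<nameif>_zone".
    return f"{nameif}_zone"


def map_access_groups(config):
    """Return one dict per access-group binding with the zone side it implies."""
    acls, bindings = {}, []
    for line in config.splitlines():
        line = line.strip()
        m = ACL_ENTRY.match(line)
        if m:
            acls.setdefault(m["acl"], []).append(m["rule"])
            continue
        m = ACCESS_GROUP.match(line)
        if m:
            bindings.append(m.groupdict())
    result = []
    for b in bindings:
        if b["glob"]:            # global ACL: not tied to any interface
            src = dst = "any"
        elif b["dir"] == "in":   # inbound on X: traffic enters through X
            src, dst = zone_for(b["ifc"]), "any"
        else:                    # outbound on X: traffic leaves through X
            src, dst = "any", zone_for(b["ifc"])
        result.append({"acl": b["acl"], "source_zone": src,
                       "destination_zone": dst, "rules": acls.get(b["acl"], [])})
    return result
```

An ACL that is bound but has no entries, such as `global_acl` in the sample, comes back with an empty `rules` list, which is worth checking before recreating rules by hand.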
