04-20-2018 12:06 PM - edited 03-12-2019 05:13 AM
Hello everybody, I have a task to replace an ASA 5525 with a 2230 FTD in a production network. Interface ACLs are migrated by the migration tool to prefilter policies. Now I am trying to copy the VPN configuration, but in FMC I see the pool for source networks and a pool for destination networks, and no port selection option at all. How can I migrate these ACEs to FTD?
access-list vpn_a extended permit ip 10.12.0.0 255.255.255.0 192.168.22.0 255.255.255.0
access-list vpn_a extended permit ip 10.15.2.0 255.255.255.0 10.17.10.0 255.255.255.0
access-list vpn-c extended permit tcp host 172.9.13.130 host 172.9.13.20 eq 8443
access-list vpn-c extended permit tcp host 172.9.13.133 host 172.9.13.22 eq 10666
04-22-2018 05:51 AM
I just tested adding your first VPN C ACE with tcp/8443 destination port and it worked fine using FMC 6.2.3. See the following extended ACL definition:
04-30-2018 01:15 AM
Thank you for the answer.
You are right, adding an extended ACL for interested traffic selection is available from FMC version 6.2.3.
On version 6.2.2 I didn't find this feature.