There is small error when there is a "name" command on Cisco, The MT recognizes all masks /32.
name X.X.0.0 all > Cisco FWSM Version 4.1(6) recognizes this as X.X.0.0/16
MT: X.X.0.0/32 , assign destination zone incorrectly
Are you sure Cisco recognizes as a /16 or it will depend on where is used the name and after the name will come a netmask?
usually you have the names to assign a name with a network/ip address like
name X.X.0.0 all
but then its used in a rule like
access-list inside extended permit ip all netmask 255.255.0.0 host 22.214.171.124 eq 25
There is why the tool it reads wihtout any mask, then every time we found the all in rules or groups we read the netmask and then we create the object with the right netmask, at the end we check if there are objects wihout mask and the we replace with /32 but for the objects we found with different netmask we keep the new objects with the right netmask.
Let me know your thoughts please
I've replayed the process and it seems the issue wasn't related to the command as you mentioned. I was using the first version of the MT when this error happened
Cisco input: access-list X extended deny ip Y.Y.Y.0 255.255.255.0 X.X.0.0 255.255.0.0
MT output changed the destination to X.X.0.0 255.255.255.255 and auto assigned the destination zone to the outside Zone but when I replayed it now using the latest version, The output is correct with mask /16 and the destination zone contains all zones included in the range X.X.0.0/16 so it seems that this error was fixed.
Many thanks for your efforts.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!