- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
Cisco ASA ACL applied to global
- LIVEcommunity
- Collaboration
- Tools
- Expedition
- Expedition Discussions
- Cisco ASA ACL applied to global
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Cisco ASA ACL applied to global
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
09-17-2019 08:11 AM
I am migrating a Cisco ASA config that has an ACL that is applied to global (access-group CSM_FW_ACL_ in interface if_global) as opposed to an interface. I believe I understand how this is applied in the ASA but noticed that Expedition did nothing with the ACL as far as I can tell. Is there a way to handle this in Expedition to make it work? If not does anyone no another way to convert this ACL outside of Expedition? It is an extremely large ACL, otherwise I would just do it by hand.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
09-18-2019 02:21 AM
HI,
we like to get more information about your Cisco ASA configuration and version you are figuring out this issue.
Can you please get in touch with us via fwmigrate@paloaltonetworks.com or send me a private message here?
regards
Sven Waschkut
Solution Engineer, Expedition
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
09-18-2019 09:17 AM
Actually it turns out the config did get migrated correctly. It appears that the ACL entries for the global access-group get distributed to zones based on routes which I did not realize at first.
Thanks for the quick response.
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
