default src file

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

default src file

L2 Linker

Hi, I am relatively new to Expedition. I am in the process of migrating a load of Cisco configs to Palo, and an using Expedition. The Expo is not able to connect to the actual Palo/Panorama due to security, so I am doing this conversion in AWS, and then manually loading the config via a config partial push.

When I create a new project and bring in the cisco config and look at the services I can see some are comming from the actual cisco src file but many are coming from default.... what is this? just a default set of ports built into Expo I had assumed...

JHALL3_0-1675869635955.png

but when I look at the service groups, most of them are also against default src File, now these cannot be known by Expo as they are specific to my Cisco config. Can any one explain whats happening here?

JHALL3_1-1675869759097.png

At this point I have not loaded a base Palo config to merge into.

Rgs

Jon

1 accepted solution

Accepted Solutions

L6 Presenter

Hi @JHALL3 This is normal behavior, expedition will try to migrate your ciscoasa config as is , if the objects has "red" dot in front, that means those objects are not being used in any group objects or policies , you can safely remove them, if the object has "green" dot in front, that means objects are being used, you will need to fix the invalid object, for example if service object "echo" is used, you will need to replace it with APP-ID ping or icmp ,  before you can merge with pan-os base config.  

View solution in original post

4 REPLIES 4

L6 Presenter

Hi @JHALL3 This is normal behavior, expedition will try to migrate your ciscoasa config as is , if the objects has "red" dot in front, that means those objects are not being used in any group objects or policies , you can safely remove them, if the object has "green" dot in front, that means objects are being used, you will need to fix the invalid object, for example if service object "echo" is used, you will need to replace it with APP-ID ping or icmp ,  before you can merge with pan-os base config.  

Hi Lychiang, I understand that, I am asking about why are almost all the objects shown as coming from a "default" src File, rather than the cisco src file.

Hi @lychiang, I understand that, I am asking about why are almost all the objects shown as coming from a "default" src File, rather than the cisco src file.

Hi @JHALL3 The objets in "default" was created by Expedition , when parsing the cisco config file, if the object is referenced in any ACL but it's not an object in ciscoasa config, Expedition will create them as object in source file "default". 

  • 1 accepted solution
  • 1452 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!