16-39
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter16 Managing Firewall Access Rules
Importing Rules
Related Topics
Importing Rules, page 16-37
Understanding Interface Role Objects, page 6-67
Field Reference
Import Rules Wizard—Status Page
Use the Status page of the Import Rules wizard to view information about the results of the import
process.
Table16-8 Import Rules - Enter Parameters Dialog Box
Element Description
CLI The OS commands that define the rules and related objects that you
want to import. These rules must be in running-configuration format,
so they are best copied and pasted from a configuration (use Ctrl+V to
paste into the field). You can also type in the commands; you will be
prompted if they cannot be interpreted.
You can import only one ACL at a time.
To see some examples of the CLI you can import, see Examples of
Imported Rules, page 16-41.
Tips
If you refer to an object but do not include the CLI, the rule might
be created but it will not use the object.
For PIX, FWSM, ASA, and IOS 12.4(20)T+, you can include
object group and name commands.
If you import an ACL that is inactive, it is shown as disabled in
Security Manager. If you deploy the configuration, it is removed
from the device.
You can import extended ACLs for all device types, and standard
ACLs for IOS devices. However, standard ACLs are converted to
extended ACLs.
Interface
Global (ASA 8.3+)
Select whether you are importing an interface-specific or global rule.
Global rules are available only for ASA 8.3+ devices, and are handled
according to special rules (for detailed information, see Understanding
Global Access Rules, page 16-3).
If you select Interfaces, enter the name of the interface or the interface
role for which you are defining this rule, or click Select to select the
interface or role from a list, or to create a new role. An interface must
already be defined to appear on the list. You can enter any combination
of interface or interface role names, separated by commas.
Traffic Direction The direction of the traffic with respect to the interface, in or out.
Category The category assigned to the rules. Categories help you organize and
identify rules and objects. See Using Category Objects, page 6-12.