Use this page to manually import a firewall policy from the
discovered or onboarded sites (next generation firewall sites).
To import a NAT policy:
- Select Configuration > NAT > NAT Policies.
The NAT Policy page appears.
- Click Import.
The Import NAT Policies page appears displaying a list of discovered
devices (next generation firewall devices).
- Select the devices from which you want to import the NAT
policies and click Next.
The Discovered Services tab appears.
- Select the NAT policies that you want to import and click Next.
The Resolve Conflicts tab appears.
- If there are any conflicts with the imported objects,
object conflict resolution(OCR) operation is triggered. The Conflicts
window displays all the conflicts between CSO and the next generation
firewall device. Select an object from the Conflicts window and click
on any of the below option to resolve the object conflict.
The resolution options are:
Rename Object—Rename the imported object. By default,
"_1" is added to the object name, or you can specify a new name.
Overwrite with imported value—The object in CSO
is replaced with the object from the import operation.
Keep existing object—The object name in CSO is used
instead of what is on the next generation firewall device.
- Click Finish.
A summary of the discovered services is listed.
- Review the summary and click OK to import the
NAT policies.
The import policy job is created and the NAT policies are imported
from next generation firewall device to CSO. You can view the imported
policy from the NAT Policies page.
