Create a Post
Showing results for 
Search instead for 
Did you mean: 

FWSM migration to Checkpoint R80.10


Is it possible to migrate FW & NAT policies, objects from Cisco FWSM to R80.10. SmartMove most probably doesnt support FWSM yet but i was wondering if the old Confwiz would work ?

0 Kudos
1 Reply

Pretty sure you can, but I'll let someone who knows better confirm. I did it for one of my clients in the past, however we migrated from a whole bunch of ASA's over to a 15600 cluster running R77.30. We used LCMS for the conversion.

I tell you, from my experience, nothing is guaranteed to work as you expect. Be prepared to add missing rules on the go. I found that LCMS missed a tonne of rules, which took a while to sort out, along with NAT rules. Mind you though, we had multiple ASA's that had several internet links, so some were blocking similar inbound traffic.. All together we had over 20k ACL's combined, but LCMS was able to shrink it down to just around 800 IIRC.

I would HIGHLY recommend exporting your NAT's out to excel. Once you convert(Whether LCMS/Manual script), check check check!

0 Kudos
Upcoming Events

    CheckMates Events