Copy an ASA Access Control List to Another ASA
An ASA access control list can be easily copied to another CDO-managed device in the same tenant. After copying an access list file to a target ASA device, any further changes made to the access list won't be automatically applied to the target device. This is different from access control list sharing feature, where changes are automatically applied.
Keep the following points in mind:
-
You cannot copy an access list to a target device if that device already has another access list with the same name.
-
You cannot copy an access list if another access list on the target device is associated with the same interface and direction.
-
You cannot only copy an access list to a disabled interface on the target device.
Procedure
Step 1 | In the left pane, click Inventory. |
Step 2 | Click the ASA tab and select an ASA device by checking the corresponding check box. |
Step 3 | In the Management pane on the right, click Policy. |
Step 4 | From the Selected Access List drop-down list, choose an access list. |
Step 5 | In the Actions pane on the right, click Copy. |
Step 6 | Select the target device to which you want to copy the access list. |
Step 7 | Choose an interface and specify the direction for applying the selected access list. The designated access list is applied to the interface through which traffic flows in the specified direction. This access list can be applied to multiple interfaces and directions. To apply the access list to all the interfaces on the selected target, see Create an ASA Global Access List. |
Step 8 | Click Copy. A message appears at the bottom right corner on the CDO screen on a successful copy. |
Step 9 | Review and deploy the changes you made now, or wait and deploy multiple changes. |