Importing address names to fabric connectors
After you configure a fabric connector, you can import address names from products, such as ACI, to the fabric connector, and dynamic firewall address objects are automatically created.
When you are importing address names, you must add filters to display the correct instances before importing address names.
You can manually create dynamic firewall address objects for SDN fabric connectors. See Configuring dynamic firewall addresses for fabric connectors. |
To import address names for SDN connectors:
-
Go to Policy & Objects > Security Fabric > SDN Connectors.
-
In the content pane, right-click the fabric connector, and select Import.
The Import SDN Connector dialog box is displayed.
-
If your connect supports both IPv4 and IPv6, you can select the Address Type.
-
Create a filter to select the correct instances:
-
Click Add Filter.
The Filter Generator dialog box is displayed.
-
Click Add Filter, and select a filter. A filtered list of instances is displayed.
-
Click OK. The Import SDN Connector dialog box is displayed, and it contains the filter. You can add additional filters, or edit and delete filters.
-
(Optional) Repeat this procedure to add additional filters.
-
-
Select the filters, and click Import.
The address names are imported and converted to dynamic firewall address objects that are displayed on the Firewall Objects > Addresses pane. The name of the dynamic firewall address uses the following naming convention:
<SDN Type>-<random identifier>
. Use the Details column and the instance ID to identify the object.
Import by endpoint groups
You can import SDN objects from ACI connectors by endpoint group (EGP). In order to import SDN objects from ACI connectors by EPG, you must have configured your ACI connector with the Type: Direct Connection. See Creating ACI fabric connectors.
To import by endpoint groups (EPGs) for ACI connectors:
-
Go to Policy & Objects > Security Fabric > SDN Connector
-
In the content pane, right-click the ACI fabric connector under Private SDN Connector, and select Import. The Import SDN Connector dialog box is displayed.
-
Once the import function has loaded all of the objects, you can choose the Import Mode. Select By EPG to import SDN objects by endpoint group.
-
You can create address objects from Policy & Objects > Firewall Objects and use the address in a Policy Package, similar to other SDN connectors.