Copy Rules from One FDM-Managed Device Policy to Another FDM-Managed Device Policy

When copying rules from one FDM-managed device policy to another FDM-managed device policy, objects associated with those rules are copied to the new FDM-managed device as well.

CDO validates some conditions when pasting the rules. For more information, see Behavior of Objects when Pasting Rules to Another FTD.

Important

Important: CDO allows you to copy rules from one FDM-managed device to another FDM-managed device only if the same software versions on both devices are the same. If the software version is different, the "Rules could not be pasted because they are not compatible with the version of this device" error appears when you attempt to paste the rules. You can click the Details link to know the details.

To copy rules to another FDM-managed device, follow this procedure:

Procedure

Step 1

In the navigation pane, click Inventory.

Step 2

Click the Devices tab to locate the device or the Templates tab to locate the model device.

Step 3

Click the FTD tab and select the device you want to copy the rule from.

Step 4

In the Management pane on the right, click Policy.

Step 5

Select one or more access control rules you want to copy and click Copy in the Actions pane on the right.

Step 6

Click Inventory and navigate to the FDM-managed device you want to paste the rules to.

Step 7

In the Management pane on the right, click Policy.

Step 8

In the policy where you want to paste the rule(s) you just copied, select the rule that your copied rule(s) should precede or follow and, in the Actions pane, click Paste Before or Paste After.

Step 9

Select any access control rule you want for pasting the copied rules around it and in the Actions pane, click one of the following options:

Paste Before automatically one or more rules above the selected rule, so the copied rules evaluate network traffic before the selected rule.
Paste After automatically one or more rules below the selected rule, so the copied rules evaluate network traffic after the selected rule.

The paste operation can be performed multiple times at any required position.

Note	When pasting rules to another FDM-managed device, if a rule with the same name exists, '-Copy' is appended to the original name. If the renamed name also exists, '-Copy n' is appended to the original name. For example, 'rule name-Copy 2'.

Step 10

When you copy rules from one FDM-managed device to another, the Configuration Status of the destination device is in 'Not Synced' state. Review your changes and Deploy Configuration Changes from Defense Orchestrator to FTD now or wait and deploy multiple changes at once.