On 06/20, Altaf Ahmad wrote: > I tried I2J tool but it does not translate the ASA commands to JUNOS. I > am having very big configuration ASA files which consist around 1000 + > Access list entries (ACEs) by using object-group and its really very > hard to manually translate huge number of lines in JUNOS. Is there any > suggestion to for this issue?
We are considering a migration to SRX, and have donen a proof-of-concept conversion in the lab. It is relatively straightforward to write some perl to convert access lists from Cisco to Juniper if your object-groups are consistently structured. The biggest drawback we found is that Juniper does not support nested address-sets like Cisco does its object-groups -- we ended up solving that with a commit script on the Junos side. Juniper has also offered professional services to assist in migrating the configuration between platforms. We haven't gotten to that point in the engagement, so I can't comment on that process. -j -- Jason Lavoie Ratvarre sbe uver ja...@oasys.net _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp