Welcome to ISAserver.org

Scripting rule creation from PIixrules

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 Misc.] >> ISA Server 2004 Programming >> Scripting rule creation from PIixrules

Page: [1]

Message

<< Older Topic Newer Topic >>

Scripting rule creation from PIixrules - 25.Oct.2005 11:55:00 AM

hennish

Posts: 26
Joined: 1.Dec.2004
Status: offline

Hi. I just received a text file containing about 500 lines of Pix aliases and rules, which I am supposed to migrate into an ISA server 2004. (phew)

The formats of the different kinds of lines are as follows:

code:

  
name 10.10.10.10 Host1

static (inside,outside) Host1 Host2 netmask 255.255.255.255 0 0

conduit permit tcp host Host1 eq domain any

outbound  11 deny 0.0.0.0 0.0.0.0 25 tcp

Any chance of scripting any of these into ISA computers/rules/whatever?

Thx! /Anders

[ October 25, 2005, 11:56 AM: Message edited by: hennish ]

Post #: 1

Featured Links*

RE: Scripting rule creation from PIixrules - 3.Nov.2005 11:46:00 AM

Guest

Hello:

I looked into doing this kind of a script for a client once, but, for publishing rules especially, there's not a clean mapping of PIX rules and options to ISA rules and options (or at least clean enough that I could write a script to do it, someone else might have though). The end result for the client was that every rule would have to be examined/validated by hand anyway, so it was better to create them by hand correctly in the first place.

You can find scripts for importing subnets/IPs/domains/etc. into ISA objects from text files, though, at www.ISAscripts.org and www.ISAtools.org, so these might help you to do some of the work.

If you find a company that sells a tool to translate from PIX to ISA, please post it here!

Good Luck!

(in reply to hennish)

Post #: 2