This tool facilitates the conversion of conduit and outbound commands to Access Control List configurations. However, due to the different nature of these access control methods there may be some changes to the actual functionality and behavior put in place so this must be considered an aid and only a starting point. All configurations converted by the OCC tool must be verified and tested by the network security administrators familiar with the network in question and its security policies before being implemented.
The OCC tool does not support alias and policy nat commands. The OCC tool does not convert configuration combinations of both an exposure of all addresses behind an internal (higher security) interface, and either a default route to the same interface or commands enabling RIP/OSPF.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...