I've tried CSPM 2.3.x and 3.0 to define a PIX object with overlapping subnets. Let say the subnet connecting to e0 is 10.5.0.0/16 and the subnet connecting to e1 is 10.5.5.0/24. In this case, the CSPM doesn't accept me. Is there any workaround or I need to give up CSPM? Due to historical reasons, I cannot alter the design of the subnets.
Configuring that directly on the PIX will give you problems so that is why CSPM will not allow it. The PIX will be very confused as to which networks it owns where. Renumber that 10.5.5.0/24 subnet make your own history.
So CSPM has a setting that forces it to check the configuration before you write to the device. That used to be a check box. If you are sure that the overlapping subnet is your only issue I would disable the CSPM checking feature and then push the policy out. Remeber to turn it back on immediately after writing the device.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...