What Does and Does Not Convert
The following limitations apply when converting FireWall-1 configurations to SunScreen 3.1. Some object-types and rules migrate with no difficulty, while others do not. FireWall-1 rules, which do not migrate, contain an operation (on the Source, Destination, or Service) that SunScreen 3.1 does not support. The following table lists what will migrate and will not to migrate from FireWall-1 to SunScreen 3.1.
Table 8-3 What Converts From FireWall-1|
Does Convert |
Does Not Convert |
|---|---|
|
Host Objects |
Resources |
|
Group Objects |
NAT Mappings |
|
Network Objects |
Gateway Objects |
|
Most Rules |
Encryption and Authentication Information/Rules |
|
|
Domain Objects |
|
|
Router Objects |
|
|
Switch Objects |
|
|
Logical Objects |
|
|
FW-1 Services or User Defined Services |
|
|
Install Objects |
|
|
Rules which contain any Object or Service that can not migrate |
|
|
Using an Object Type as an Object Name |
Note -
NETWORK is not a supported type in SunScreen 3.1. You must modify objects of this type first, before trying to access the configuration (called a Policy in SunScreen) using the SunScreen administration GUI.
- © 2010, Oracle Corporation and/or its affiliates