Hi,
you can configure AFM rule using tmsh...
- create firewall Host object with
create security firewall address-list Host1 addresses add { 1.2.3.4 }
- create firewall Network object with
create security firewall address-list Network1 addresses add { 1.2.3.0/24 }
- create firewall Service object with
create security firewall port-list RDP ports add { 3389 }
- create a firewall policy
create security firewall policy MyPolicy
- create a firewall policy rule
modify security firewall policy MyPolicy rules add { rule1 { ip-protocol tcp source { address-lists add { Network1 } } destination { address-lists add { Host1 } port-lists add { https }} action accept log yes place-after last}}
I converted a 500 rules ASA configuration to AFM with these tmsh commands.