Cisco Cisco Firepower Management Center 4000

You can copy, but not cut static rules.

You can display explanatory warnings to identify rules that will never match because they are preempted 
by preceding rules.

If you have access control policies in your deployment, the system does not translate traffic until it has 
passed through access control.

The following table summarizes the actions you can take to organize your rules.

Any

The conditions of a NAT rule may preempt a subsequent rule from matching traffic. Any type of rule 
condition can preempt a subsequent rule.

A rule also preempts an identical subsequent rule where all configured conditions are the same. A 
subsequent rule would not be preempted if any condition were different.

The following table summarizes the actions you can take to show and clear warnings.

select a rule

click a blank area in the row for a rule. Use the Ctrl or Shift key to select multiple rules. 
Rules you select are highlighted.

clear rule selections

click the reload icon (

) on the lower right side of the page. To clear individual rules, 

click a blank area in a rule's row while holding the Ctrl key.

cut or copy selected rules 

right-click a blank area in the row for a selected rule, then select 

 or 

.

You can copy, but not cut static rules.

paste rules you have cut or 
copied into the rule list

right-click a blank area in the row for a rule where you want to paste selected rules, then 
select 

 or 

.

You can only paste static rules in the Static Translations list and only dynamic rules 
in the Dynamic Translations list.

move selected rules

drag and drop selected rules beneath a new location, indicated by a horizontal blue line that 
appears above your pointer as you drag.

delete a rule

click the delete icon (

) next to the rule, then click 

.

You can also right-click a blank area in the row for a selected rule, select 

, 

then click 

 to delete one or more selected rules.

show warnings

click 

; see