Translating Between Vendors

The Scenario

Your company just added Palo Alto firewalls alongside your existing Cisco ASAs. You have 50 ASA rules that need to be recreated on the PAN. Manually translating each rule would take days. AI does it in minutes.

---

The Prompt

Convert this Cisco ASA firewall rule to Palo Alto PAN-OS configuration:

access-list OUTSIDE_IN extended permit tcp host 203.0.113.50 host 10.1.1.100 eq 443
access-list OUTSIDE_IN extended permit tcp 192.168.0.0 255.255.255.0 host 10.1.1.200 range 8080 8090
access-list OUTSIDE_IN extended deny ip any any log

Also show me the equivalent Palo Alto security policy in set commands format.

---

What AI Gives You

A clear mapping showing:

• ASA access-list → PAN-OS security policy rules
• Source/destination zone mapping
• Service objects for the port ranges
• The deny-all as a cleanup rule with logging

Both in the web UI format and CLI set commands.

---

Review and Validate

• Zone names: AI will guess zone names — replace with your actual zone names
• NAT: ASA ACLs often work with NAT. The PAN-OS rule may need a corresponding NAT policy
• Rule order: PAN-OS processes rules top-down, same as ASA, but verify

---

Try It Yourself

Take any config from one vendor and ask AI to convert it to another. Works for:

• Cisco to Juniper (IOS to JunOS)
• Cisco to Arista (very similar but subtle differences)
• FortiGate to Palo Alto
• Any vendor to any vendor