Junos Space Developer
Junos Space Developer

Converting address book

‎05-06-2019 10:42 AM
Hi all,

I’ve recently installed Juniper Security Director ... all is well except I realise I’ve made individual address books on each SRX device. Really these all want to be a global address book managed by Security Director.

Any ideas how to convert them over to a universal address book that is centrally managed in the Director software without simply starting over?

Thanks
2 REPLIES 2
Junos Space Developer
Solution
Accepted by topic author oban3jimmy
‎05-11-2019 11:36 AM

Re: Converting address book

‎05-06-2019 11:55 AM

You are not the first one needing to do this. There are a couple of script/binaries available to help you.

Convert the address book on your SRX and then import it into Security Director where it will pick of the global address book.

 

https://rtodto.net/migrating-zone-based-address-book-to-global-in-juniper-srx/

https://forums.juniper.net/t5/Automation/SRX-How-to-convert-zone-based-address-books-to-a-global-one...

https://github.com/dfex/address-globaliser

https://github.com/scottdware/zone2global

 

I hope this helps.


--
Best regards,

Jonas Hauge Jensen
Systems Engineer, SEC DATACOM A/S (Denmark)
Junos Space Developer

Re: Converting address book

‎05-06-2019 12:41 PM
That’s perfect,

Just to confirm, if I convert all my addresses to global in Sec Director, then delete the old zone address book - will I have to update each rule or will it automatically look at the new address book?

Thanks