Re: ASA to FMC migration of contexts

ochia03 · ‎04-28-2023

I got a major problem, moving approx 50 contexts to FMC to create an APC which will be deployed later to a FTD HA cluster, i will not deploy directly to an FTD but to FMC.

Problem is that when i create the source and destination zones with the cisco migration tool it does not allow me to specify the destination zone so it automatically sets it to ANY.

Some of the contexts have thousands of ACLs and to manually change from ANY to the correct destination zone is not viable.

Anyone got any idea how to tackle this?

https://omegle.onl/ vshare

Divya Jain · ‎05-15-2023

Hi,
Can you specify the ASA and FMC version?

Also did you generate migration report and pre migratin report to get details around your migration?
you can refer to this document : https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/218120-configure-the-secure-firewall-migration.html

if the issue is intermittent for some rules, you can try checking using the migration report else maybe check with TAC to see the RCA.

-----------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.

You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.
-----------------------------------------

Regards

Divya Jain