cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1347
Views
0
Helpful
6
Replies

ASA 5505 to FirePower 2110 NGFW Migration

latintrpt
Level 1
Level 1

Good Morning -

 

I'm looking to migrate a ASA 5505 running 7.2(4) to a FirePower 2110 NGFW.  

 

What would be the best course of action to do this?

 

Thank You

6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

7.2 is too old, you would not see some compatability.

 

If possible bring the ASA to Latest Version 9.X - so you can migrate directly using FTD converstion tool.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Muhammad Azhar
Level 1
Level 1

Dear,

 

I did one migration from asa 8.2 to FTD.

I will suggest to upgrade to 8.4 or higher , after this  you can use migration tool ( this tool is available on Cisco portal CCO login required ).

 

In my case we did not disturb the production network but we use one spare ASA on which we use the same configuration ( the one we use in production with version 8.2 )  and upgrade it to 8.4 and then 9.x.

 

Best Regards

 

 

Marvin Rhoads
Hall of Fame
Hall of Fame

A 5505 is very small and normally doesn't have much configuration.

I would recommend just manually recreating the setup on Firepower. If the ASA is still running the years-old 7.2 software chances are it has a lot of things that are no longer needed and it would be a good time to clean those out.

kurttcot
Level 1
Level 1

Honestly, you're better off recreating the objects, NAT, ACL, etc in the FPMC and and deploying to the new gear. I used the conversion tool to migrate an ASA5510 to an FTD 2110 pair and the conversion tool brought alot of the objects and such over but alot of config was missing causing me to have to verify everything line by line anyway. I just decided to recreate everything to be sure it was correct in the end. Others may have better experience with the tool but my experience was not good.

I'm not all too familiar with the 2110.  Could someone perhaps help me with translating the config from the 5505 to the 2110?

 

Thanks

We have suggested the method you can do it, if still need some one like to do for you.

 

Suggest contact Local SE / Partner, who can help for you build the rules and test and migrate.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: