cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

139
Views
10
Helpful
4
Replies
Beginner

Cisco ASA Firepower management with ASDM

HI All

I Have a Cisco 5555-x with Firepower Services which is previously managed with FMC(with Cisco ASA5555 Firepower Control, IPS,AMP and URL Licenses). Now, I want to manage it with ASDM. when I connect to firewall via ASDM, I see only "ASA FirePOWER Status" Tab(no configuration TAB). As I surfing the web, I got that in Setup Wizard(if it is not correct,please let me know), I need to enter firepower network configuration(as same as in my current firepower network configuration). My question is that, after finishing wizard setup, all the previous firepower configuration and licenses will be deleted or not?

best regrads

Sina HR.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Guru

Re: Cisco ASA Firepower management with ASDM

When you change from FMC management to local (ASDM) management of an ASA Firepower service module and policies deployed from FMC are lost. You don't need to re-run the setup wizard but you do need to delete the FMC manager ("configure manager delete") and the the module to use ASDM instead ("configure manager local") from the module cli. When ASDM connects to an ASA with Firepower service module it checks the module for which management type is configured. If it is local (and your ASDM user has admin level privilege) you will get the configuration tab for the module. Licenses are not "lost" but do need to be rehosted from FMC to ASDM via the self-service portal at software.cisco.com.

View solution in original post

Highlighted
Hall of Fame Guru

Re: Cisco ASA Firepower management with ASDM

The installed policy resides on the target managed device.

However, there's no provision for that policy to be synced back "up" when a new type (for instance changing from FMC to ASDM) or different instance of the same type of manager (in the case of FMC) is configured.

Licenses need to be rehosted as I noted. 

View solution in original post

4 REPLIES 4
Hall of Fame Guru

Re: Cisco ASA Firepower management with ASDM

When you change from FMC management to local (ASDM) management of an ASA Firepower service module and policies deployed from FMC are lost. You don't need to re-run the setup wizard but you do need to delete the FMC manager ("configure manager delete") and the the module to use ASDM instead ("configure manager local") from the module cli. When ASDM connects to an ASA with Firepower service module it checks the module for which management type is configured. If it is local (and your ASDM user has admin level privilege) you will get the configuration tab for the module. Licenses are not "lost" but do need to be rehosted from FMC to ASDM via the self-service portal at software.cisco.com.

View solution in original post

Beginner

Re: Cisco ASA Firepower management with ASDM

Hi Marvin Rhoads.

thanks for replying.

I have to say that the FMC VM is deleted and there is no Backup/snapshot from previous Network Security Administrator. If I want to install new FMC VM, i have to install license and policy again? in other words, all policy and licenses always installed in management center either ASDM or FMC and not in SFR Module?

Best Regards.

Highlighted
Hall of Fame Guru

Re: Cisco ASA Firepower management with ASDM

The installed policy resides on the target managed device.

However, there's no provision for that policy to be synced back "up" when a new type (for instance changing from FMC to ASDM) or different instance of the same type of manager (in the case of FMC) is configured.

Licenses need to be rehosted as I noted. 

View solution in original post

Beginner

Re: Cisco ASA Firepower management with ASDM

thanks so much Marvin.

Sina HR.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here