07-17-2019 01:17 PM
Our ESXi box failed and we had to rebuild it from scratch (as a result we lost the Firesight/FirePOWER VM). We have a backup but it is not the latest. The restored VM is up and running again but the FirePOWER module on ASA has the latest polices.
Is there a way to import the FirePOWER polices (Access Control Policy in particular) from the FirePOWER module on ASA to the Firesight VM?
07-19-2019 10:13 AM
you can spin the same version of your FMC as the last version and import the backup from your previous FMC file and than push the policy to SFR.
now as it to late. what you can do it spin a new VM FMC with same version as the previous and restore the backup once restore register the new sfr and deploy the policy.
07-19-2019 10:53 AM
I appreciate the feedback but what I’m looking to do is having the VM FMC receive the configuration from the SFR module on ASA (not the other way around).
If this isn’t possible is there a way to display applied configuration on the SFR module (so that I can manually re-add the policies on VM FMC and then deploy to the SFR module)?
07-19-2019 07:45 PM
If you log into the Firepower module and "show running-config" you will see the basic settings. Some bits however are buried in other files and locations with in various databases running on the module and not easily viewable.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide