cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

190
Views
5
Helpful
4
Replies
Beginner

Old Firepower to new Firepower info migration.

Hi,

 

I have the below Firepower setup.  Many of the access-policy configs will be migrating to a new FP 4110 implementation.  The new FP/FMC has an import/export option, but the older one (versions below) do not.  I'm trying to figure out how I can pull the list of whitelist and blacklist URLs so I can migrate them over.  If I have to copy and paste to a document from CLI, that is better than doing it URL by URL via the GUI.  Is there a way in the FTD CLI or FMC GUI to copy all whitelist/blacklist URLs?  I would also be interested in doing the same with the access-policy.  Any tips appreciated.

 

OLD

6.1.0.5 (build 45)

Cisco Fire Linux OS 6.1.0 (build37)

ASA5525 (72) Version 6.1.0 (Build 330)

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Guru

Re: Old Firepower to new Firepower info migration.

The older version would have to first upgrade to 6.5. then you can do a backup and restore to the new system. Prior to this being available on 6.5 you could only restore to the same VM type or hardware platform.

Also, you have to be moving from an FMC to one of the supported models as shown in the FMC Model Migration Guide here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/about_fmc_model_migration.html

View solution in original post

4 REPLIES 4
Highlighted
Hall of Fame Guru

Re: Old Firepower to new Firepower info migration.

Are you currently managing using FMC and are you planning to migrate to a new model of FMC? If so, FMC 6.5 supports platform migration for that use case.

Beginner

Re: Old Firepower to new Firepower info migration.

Well, internal IPs (objects) will change.  So I really just need the URL whitelist and blacklist.  Are you saying migration that is different than the export/import option in 6.5?  6.5 can migrate the older version without the older version having an export option or are you suggesting upgrading the older version to 6.5?

Hall of Fame Guru

Re: Old Firepower to new Firepower info migration.

The older version would have to first upgrade to 6.5. then you can do a backup and restore to the new system. Prior to this being available on 6.5 you could only restore to the same VM type or hardware platform.

Also, you have to be moving from an FMC to one of the supported models as shown in the FMC Model Migration Guide here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/about_fmc_model_migration.html

View solution in original post

Beginner

Re: Old Firepower to new Firepower info migration.

Thanks Marvin.  Not quite sure where that link is getting their model numbers fro FMCv but I'll figure it out.  Thanks again.