Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1580
Views
5
Helpful
4
Replies

Old Firepower to new Firepower info migration.

Go to solution
Larry Sullivan
Level 3
Level 3

‎11-04-2019 02:13 PM - edited ‎02-21-2020 09:39 AM

Hi,

 

I have the below Firepower setup.  Many of the access-policy configs will be migrating to a new FP 4110 implementation.  The new FP/FMC has an import/export option, but the older one (versions below) do not.  I'm trying to figure out how I can pull the list of whitelist and blacklist URLs so I can migrate them over.  If I have to copy and paste to a document from CLI, that is better than doing it URL by URL via the GUI.  Is there a way in the FTD CLI or FMC GUI to copy all whitelist/blacklist URLs?  I would also be interested in doing the same with the access-policy.  Any tips appreciated.

 

OLD

6.1.0.5 (build 45)

Cisco Fire Linux OS 6.1.0 (build37)

ASA5525 (72) Version 6.1.0 (Build 330)

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Larry Sullivan

‎11-06-2019 03:49 AM

The older version would have to first upgrade to 6.5. then you can do a backup and restore to the new system. Prior to this being available on 6.5 you could only restore to the same VM type or hardware platform.

Also, you have to be moving from an FMC to one of the supported models as shown in the FMC Model Migration Guide here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/about_fmc_model_migration.html

View solution in original post

4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-04-2019 08:28 PM

Are you currently managing using FMC and are you planning to migrate to a new model of FMC? If so, FMC 6.5 supports platform migration for that use case.

0 Helpful

Go to solution
Larry Sullivan
Level 3
Level 3
In response to Marvin Rhoads

‎11-05-2019 12:39 PM - edited ‎11-05-2019 04:13 PM

Well, internal IPs (objects) will change.  So I really just need the URL whitelist and blacklist.  Are you saying migration that is different than the export/import option in 6.5?  6.5 can migrate the older version without the older version having an export option or are you suggesting upgrading the older version to 6.5?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Larry Sullivan

‎11-06-2019 03:49 AM

The older version would have to first upgrade to 6.5. then you can do a backup and restore to the new system. Prior to this being available on 6.5 you could only restore to the same VM type or hardware platform.

Also, you have to be moving from an FMC to one of the supported models as shown in the FMC Model Migration Guide here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/about_fmc_model_migration.html

Go to solution
Larry Sullivan
Level 3
Level 3
In response to Marvin Rhoads

‎11-06-2019 11:22 AM

Thanks Marvin.  Not quite sure where that link is getting their model numbers fro FMCv but I'll figure it out.  Thanks again.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card