09-26-2023 06:34 PM
Hi, is there any config conversion tool for concerting Firewall config from traditional ASA 5510 box to firepower 2110 ASA appliance. Both boxes are running on 9.x ASA code
09-26-2023 07:57 PM
There's no tool for this. The configurations are compatible with only the change of interface numbering. So, you can do a few manual edits of the running-config from the 5510 and then just load it on the 2110.
09-28-2023 08:47 AM
Thanks for the response, one more query, Do I need to cater for any license for IPsec in the new 2110 Firepower ASA? My current 5510 ASA have couple of IPsec and SSL VPN configured, so i want to port over the same to this new Firepower appliance.
09-28-2023 10:45 AM
You need only the free 3DES-AES license for IPsec VPN. That should automatically appear if your license token had the option to allow export controlled functionality.
SSL VPN will require you to assign Smart licenses by enabling AnyConnect. You must have the licenses in your Smart account. If you have the classic AnyConnect PAK-based licenses in the software.cisco.com LRP you can ask TAC to share them with your smart account. If they are so old that you don't have them there then you would need to purchase new AnyConnect / Secure Client licenses.
09-28-2023 10:51 AM
I THINK You need migrate tool for config from asdm to fmc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide