02-21-2023 08:49 AM
Just want to check my bases here to be sure I'm not missing anything. So I have an ASA currently being used and I have a Firepower 4100 Series with an ASA logical device that I plan on migrating to. I have set the configs in the FPR-ASA exactly as the production ASA. In theory should I just be able to plug and play with no issues or is there something else I may need to look out for. I have mapped the interfaces to the logical ASA and given the ASA the same ip schema as the production. With that being said shouldn't everything jive accordingly?
02-21-2023 08:58 AM - edited 02-21-2023 09:00 AM
@DerekLazarus78183 it depends on what the ASA is used for, if you are using the existing ASA for VPNs with PSKs, then you'll need to use more system:running-config command to view the PSK in clear text. Bear in mind, newer ASA versions have depreciated older weak crypto, so you should check what encryption|integrity|DH ciphers you are using. Clientless VPN is also depreciated in newer ASA versions.
Other than that, I think copying the configuration should be ok.
02-21-2023 11:30 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide