Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1568
Views
10
Helpful
5
Replies

ASA to FTD 1140 migration

Go to solution
Arun2022
Level 1
Level 1

‎04-28-2022 05:09 PM

Hi Members,

 

I am trying to migrate 2 standalone ASA 5525-x on 9.12(2)9 to firepower 1140 FTD 6.4. We don not have the ability to setup an FMC in the environment. Are there any alternative options to migrate the configuration without the migration tool since, the migration tool requires an FMC to migrate the configuration.

 

Any guidance is appreciated.

 

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-29-2022 05:40 AM

You need a CDO tenant to migrate to locally managed FTD. You can get a trial license and then revert to purely local management (FDM) after migrating.

View solution in original post

5 Replies 5

Go to solution
UdupiKrishna
Cisco Employee
Cisco Employee

‎04-28-2022 08:26 PM

https://www.cisco.com/c/en/us/products/security/firewalls/firepower-migration-tool.html - Does specifically state that you can also migrate from ASA to locally managed FTD and not just with FMC managed FTD appliances

 

Continued support in Firewall Migration Tool

Key features

 

  • Network, service, time range, and fully qualified domain name (FQDN) objects and groups
  • Access rules, Cisco Security Manager object grouping, wildcard masks
  • NAT (Network Address Translation), static routes, IPv6
  • Physical interface, port channels
  • Bridge groups (transparent only)

 

Supported target and source configurations

Migration to Firewall Management Center (FMC)-managed FTD from:

  • Cisco ASA
  • Check Point R75 to R77, R80
  • Palo Alto Networks
  • Fortinet

Migration to Cisco Defense Orchestrator / locally managed FTD from:

  • Cisco ASA

0 Helpful

Go to solution
Arun2022
Level 1
Level 1
In response to UdupiKrishna

‎05-03-2022 04:10 PM

Thank you for your response krishna, I did try running the tool however the connection to FMC is mandatory.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-29-2022 05:40 AM

You need a CDO tenant to migrate to locally managed FTD. You can get a trial license and then revert to purely local management (FDM) after migrating.

Go to solution
Arun2022
Level 1
Level 1
In response to Marvin Rhoads

‎05-03-2022 04:08 PM

Thanks Marvin, I will try this method and see how it goes.

0 Helpful

Go to solution
Arun2022
Level 1
Level 1

‎05-19-2022 10:37 PM

Hi , I setup a temporary FMC in the cloud so, that we can use the migration tool to move from ASA to FTD. After moving the configuration we are unable to switch back to local management. It basically wipes out the configuration of the FTD. I tried obtaining a CDO trial license however, so far didn't receive any feedback from Cisco. Any thoughts on how I can migrate the configuration under these circumstances?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card