Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1924
Views
5
Helpful
2
Replies

Cisco ASA 5510 (HA) migration to Cisco Firepower 1140 (HA)

Go to solution
anuragvadakkekara
Level 1
Level 1

‎07-26-2020 09:46 PM

I have requirement of migrating existing Cisco ASA 5510 in HA to Firepower 1140 HA. Understand that we can use Firepower migrating tool  to export ASA config to FMC, then FMC can push the config to FTD. Is there any useful document for FTD 1140 HA config? and whether we can perform the upgrade offline ?

Regards

Anurag

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-26-2020 10:31 PM

If your ASA is running version 8.4 or later yes you can use the Firepower Migration Tool (FMT) to migrate to a Firepower appliance running FTD.It's a good idea to cleanup any unused configuration (unused object, ACLs etc.) in your existing configuration first. I recommend this tool:

https://www.tunnelsup.com/config-cleanup/

FMT will migrate the bulk of the configuration but not everything. Some things such as the basic management interface setup and VPNs must be done outside of the FMT process.

Any HA in your new appliances must also be setup separately but that's a pretty simple process and is described here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/high_availability_for_firepower_threat_defense.html#task_686C71A99B5C4CA18FC6681F83B23F45

View solution in original post

2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-26-2020 10:31 PM

If your ASA is running version 8.4 or later yes you can use the Firepower Migration Tool (FMT) to migrate to a Firepower appliance running FTD.It's a good idea to cleanup any unused configuration (unused object, ACLs etc.) in your existing configuration first. I recommend this tool:

https://www.tunnelsup.com/config-cleanup/

FMT will migrate the bulk of the configuration but not everything. Some things such as the basic management interface setup and VPNs must be done outside of the FMT process.

Any HA in your new appliances must also be setup separately but that's a pretty simple process and is described here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/high_availability_for_firepower_threat_defense.html#task_686C71A99B5C4CA18FC6681F83B23F45

Go to solution
anuragvadakkekara
Level 1
Level 1
In response to Marvin Rhoads

‎07-27-2020 12:02 AM

Thanks Marvin. Will check this out.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card