Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
336
Views
2
Helpful
2
Replies

Copy configuration from source FMC A to target FMC B / Parallel build

Go to solution
Shamrock
Level 1
Level 1

‎08-07-2024 11:23 AM

Reaching out to the community for guidance on approach.  

We have an FMC on version 6.4 currently managing a set of devices.  What we would like to do is copy the configuration and import into FMC B.  We don't need FMC B to manage the devices, as they're going to be refreshed.  But we would like to bring over as much of configuration as possible, including objects and policies. 

The thought was to back up from source FMC and import into target on same version.  The target would have a different IP address, we then can blow away the devices since they'll be rebuilt, but at least we'd have the objects and policies.  The goal would not impact the prod FMC and devices of course, so we can continue the build of FMC B and refreshed devices in parallel.  Then eventually de-register and remove once we cutover to new devices.

Thanks

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎08-07-2024 12:59 PM

@Shamrock a couple of options.

There is a migration guide, that migrates the entire FMC configuration from source to target. https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/m_fmc_migration_workflow.html

Or you can export/import option, where you can export policies, which would also export the objects. https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/configuration_import_and_export.html

 

View solution in original post

2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎08-07-2024 12:59 PM

@Shamrock a couple of options.

There is a migration guide, that migrates the entire FMC configuration from source to target. https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration/b_FMC_Model_Migration_Guide/m_fmc_migration_workflow.html

Or you can export/import option, where you can export policies, which would also export the objects. https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/configuration_import_and_export.html

 

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-07-2024 09:37 PM

You will likely encounter issues with versions unless you plan very carefully. Restore or migration both require the new target FMC to be the same version. Upgrading 6.4 to anything current will require at least two upgrades and then you might also encounter issues with the managed devices since and FMC can only manage so far back.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/compatibility/threat-defense-compatibility.html#Cisco_Reference.dita_78462dbc-06a1-4c7f-92b4-e9cdefc0825d

If your devices are currently running 6.4, they must be older devices and possibly past end-of-support.

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card