Re: Existing Firepower 5516X connect to new installed FMC

Robbi_Saputra · ‎04-01-2020

hi everyone

currently i have my Firepower 5516X that already setup for the IPS policy, but then we have a plan to purchase a FMC so that we can manage our SFR 5516X through it. but before that i have something that need to be clarify, what will happend when i join my existing SFR 5516X to new FMC, especially with my policy on SFR 5516X ? is it will erase or is it will copy from SFR to FMC ?

thanks all advice

Rob Ingram · ‎04-01-2020

Hi,
Unfortunately it won't copy the existing configuration. Once connected to the FMC you will need to reconfigure the settings and apply to the 5516.
HTH

Sheraz.Salim · ‎04-01-2020

once you join the sfr module to FMC. the FMC will over ride any existing policy setup on sfr and FMC is deploy new policy which you configured on FMC appliances.

the good side is if you manage the sfr on ASDM it does not support network discovery. in FMC you have more option and more control on traffic how to configure and how to control.

there are few option available but none of them are easy.

please do not forget to rate.

Robbi_Saputra · ‎04-02-2020

so in short we can say, the SFR configuration will be erase right ? so what should i need to do just backup my old FMC then restore it to new FMC

Sheraz.Salim · ‎04-02-2020

make sure your both FMC old one and new one are running the same version. if they same version you can upload the old fmc backup into a new FMC.

so when you pair your sfr with new FMC it will push the same config you had in old FMC.

please do not forget to rate.