Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
1
Replies

firepower 1120 configuration copy from ASA 5512-x

hkim
Level 1
Level 1

‎12-20-2023 04:48 PM

Hello 

currently,

I using ASA 5512x for VPN (b2b)

I recently purchase firepower 1120 for replacement 

I was able to export config file from ASA 5512x

however it is not running on the firepower 1120,

I think it is not fit between them(copy config and paste on firepower 1120 CLI environment)

so, please help me how to import or copy config from ASA 5512x to firepower 1120

or 

I tried to set up manually using firepower FTD however the policy doesn't match

was using [crypto ikev1 policy 10] in ASA 5512x but firepower FTD does not have, so if you can guide me for how to manually set firepower 1120 for b2b VPN 

please advise..

Thank You.

 

 

 

 

0 Helpful
1 Reply 1

helpcenterus
Spotlight
Spotlight

‎12-29-2023 12:00 PM

@hkim, when migrating from ASA 5512x to Firepower 1120 for VPN (B2B), directly copying and pasting the configuration might not work due to differences between ASA and Firepower environments. Instead, you should use the Cisco Firepower Migration Tool to convert the ASA configuration to Firepower Threat Defense (FTD) format. This tool automates the process and ensures compatibility. If the migration tool does not address the issue, manually configuring the B2B VPN on Firepower 1120 is necessary. Review the ASA 5512x crypto ikev1 policy settings and adapt them to FTD. For instance, in FTD, you may use the "crypto ikev1 enable outside" command to enable IKEv1 on the outside interface.
Best of luck with your migration!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card