Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2859
Views
0
Helpful
6
Replies

Firepower Migration Tool not working, 0 FTDs found

Go to solution
mhmservice
Level 1
Level 1

‎08-15-2018 04:59 AM - edited ‎03-12-2019 06:53 AM

Hi

 

Im tryiong to build a proof of concept for migrating our ASA firewalls to Firepower

 

I've installed the Firepower Migration Tool, but when I connect to the FMC it says "0 FTDs found", even though I have an FTD added to my FMC

 

Any help greatly appreciated as I have no idea where to start with troubleshooting this

 

image.pngimage.png

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Greg Smalley
Level 1
Level 1
In response to mhmservice

‎08-16-2018 09:40 AM

6.2.3 is the required version of FTD for the migration tool.  Just to verify you are using the FTD image and not the ASA code with Firepower Sensor?  The new migration tool does not support ASA w/Firepower, only the Firepower Threat Defense images.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Greg Smalley
Level 1
Level 1

‎08-15-2018 06:55 AM

I believe the migration tool requires FTD devices to be at least 6.2.3.

 

Regards,

 

Greg Smalley

0 Helpful

Go to solution
mhmservice
Level 1
Level 1
In response to Greg Smalley

‎08-16-2018 08:38 AM

I upgraded the firepower module on the FW but no luck, same error. I completely reimaged and reinstalled the FMC and firepower module on the ASA but still no luck :( hours wasted ... do you know how I can further troubleshoot this?

0 Helpful

Go to solution
Greg Smalley
Level 1
Level 1
In response to mhmservice

‎08-16-2018 09:40 AM

6.2.3 is the required version of FTD for the migration tool.  Just to verify you are using the FTD image and not the ASA code with Firepower Sensor?  The new migration tool does not support ASA w/Firepower, only the Firepower Threat Defense images.

0 Helpful

Go to solution
mhmservice
Level 1
Level 1
In response to Greg Smalley

‎08-17-2018 07:14 AM - edited ‎08-17-2018 07:14 AM

Yes that was it, thanks, I totally misunderstood the requirements for the firepower migration tool. I flashed the firewall with the FTD image instead of ASA and it worked fine. This whole product line is very confusing with multiple different migration tools, firewall firmwares ... thanks for your help.

0 Helpful

Go to solution
Greg Smalley
Level 1
Level 1
In response to mhmservice

‎08-17-2018 07:39 AM

Typically, with ASA w/ Sourcefire sensor, you would keep the rules you have on the ASA, redirect all traffic to the Sourcefire module via a policy, and create a single ACP rule to inspect all traffic. You can later get more granular with the traffic you are inspecting, however that is a good jumping off point. If you decide to go the FTD route, you would migrate all the rules to an ACP policy. Just be aware that certain things are not supported on FTD such as different LDAP group profiles for Remote Access VPN.
0 Helpful

Go to solution
Igor.Dyakonov
Level 1
Level 1
In response to Greg Smalley

‎03-07-2019 01:10 PM - edited ‎03-07-2019 01:15 PM

   Hi, 

 

In case if there is no FTD registered with FMC at all can we still somehow proceed to migrate ACL, NAT, route without apply them to any FTD?

 

We still have no any FTD because we will reimage first ASA  to FTD  next week.  We just wanted to gain some time and start to migrate and configure some objects, routes and ACL, NAT policies on FMC. 

 

Is it viable with 0 FTD on FMC? Both, FTD and FMC are 6.3.0.

 

Thank You.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card