Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
745
Views
0
Helpful
2
Replies

FirePower Threat Defence (VPN config not migrated)

rade5
Level 1
Level 1

‎11-22-2017 09:33 AM - edited ‎02-21-2020 06:49 AM

Hi Guys

 

I have just migrated my asa config to firepower using the migration tool, then uploaded the converted file to the FMC. The ACLs AND NATs all good, but no VPN config.

 

1. Is this normal

2. I have about 20 vpns that I have to recreate 1 by 1, except there is a way to copy paste

 

Any help would be apprieciated.

 

Thkx

Labels:
0 Helpful
2 Replies 2

mikael.lahtela
Level 4
Level 4

‎11-23-2017 02:42 PM

Hi,

Haven't tried converting yet.
I think you need to add them manually, it's not that bad when you get into it.
Just verify the settings in every tab as you go along, because FMC caches settings from previous tunnel to next new tunnel.
And you need to create your policy and proposals (under objects) if you are using other than the default ones that are configured in FMC.

br, Micke
0 Helpful

niko
Level 1
Level 1

‎11-23-2017 11:15 PM

Yes, VPN is not migrated and that is expected - NAT and ACL are converted with exception of some specific cases.

More information: https://www.cisco.com/c/en/us/td/docs/security/firepower/620/asa2ftd-migration/asa2ftd-migration-guide-620/asa2ftd_intro.html#id_30945 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card