Re: Firewall Migration from CSM

rosarra · ‎05-30-2022

After several policy imports from ASDM to FMC I am going to migrate some policies created through CSM. The tool is still the same (Firewall Migration Tool 2.5.3) and the firewall model is the same as the previous ones (ASA 5585) but after the migration I realized that the policies are not aggregated as in CSM but divided by single ACL. My question is: why in previous migrations from policies created using ASDM I did not experience this problem? How can I aggregate the policies without having to modify the existing 2000 or so rules? Thank you for any help!

balaji.bandi · ‎05-31-2022

I do not believe that CSM to FMC have any tool to Migration, the one approach you followed ASA to FTD that should work, what is the challanges you see here, what went wrong ? i am sure TAC support his Migration tool if you have issue, also it will helpfull for them to identificy any issue and fix as use case.

I see some odd issues way back CSM old vs new 4.X (OLD CSM does in different way compare to new CSM)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

rosarra · ‎05-31-2022

Hi BB,

the migration tool works perfectly and I extracted the policies from the ASA and submitted to the FMC. Unfortunately, the rules are not aggregated by source or destination as in the CSM. In previous imports (again from ASA cfg file) I obtained the aggregated rules and not individual ones. In any case I will submit the problem to Cisco TAC.

Thank you.

Roberto