Re: Flex-Config-EIGRP

akash.tiwari · ‎07-05-2021

Hi Team, please help us to migration of ASA EIGRP configuration to FTD configuration, below is ASA configuration.

router eigrp 100
network 10.10.10.0 255.255.254.0

authentication key eigrp 111 ***** key-id 1
authentication mode eigrp 100 md5

access-list EIGRP standard permit 10.10.250.0 255.255.255.192

route-map BLOCK_Routes permit 10
match ip address BLOCK_Routes

route-map STATIC-TO-EIGRP permit 10
match ip address EIGRP

access-list BLOCK_Routes remark BLOCK_Routes
access-list BLOCK_Routes standard deny any4

Eric R. Jones · ‎07-05-2021

Have you tried the migration tool?
If your using 7.0 it's included in the FMC.
You can download it from the cisco site also.
It should convert that for you.

akash.tiwari · ‎07-05-2021

Dear Eric,

Thanks for your response, that means on 7.0 version we can migrate all configuration like EIGRP, RA VPN?

i have tried with migration tool, FMC Ver is 6.4, Tool ver:2.3.5

but here are some limitations to configure EIGRP so we need to configure its manually.

i am facing issue to confgure authentication key and that key need to map with in and out interfaces.

below is snap, could you please help us to write script.

Marvin Rhoads · ‎07-06-2021

You have the script already shown in your Screenshot_1 attachment. Just edit and save the variable values in your Object Management page of FMC:

Objects > Object Management > FlexConfig > Text Objects

akash.tiwari · ‎07-06-2021

Dear Marvin,

i have edited variables and tryied to add secret key, which one is already configured on cisco ASA, but i am facing same issue here to configure secret key here. Snap attached.

also please help to configure interfaces, can i go with default configuration.

Marvin Rhoads · ‎07-06-2021

As noted in the screenshot, you need to modify the secret key to not include disallowed characters such as $ and space.

Interfaces depend on where you need to establish EIGRP neighbor relationships. Only include those FTD interfaces where that's required.