Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2115
Views
5
Helpful
5
Replies

Flex-Config-EIGRP

akash.tiwari
Level 1
Level 1

‎07-05-2021 08:06 PM

Hi Team, please help us to migration of ASA EIGRP configuration to FTD configuration, below is ASA configuration.

router eigrp 100
network 10.10.10.0 255.255.254.0

authentication key eigrp 111 ***** key-id 1
authentication mode eigrp 100 md5

access-list EIGRP standard permit 10.10.250.0 255.255.255.192

route-map BLOCK_Routes permit 10
match ip address BLOCK_Routes

route-map STATIC-TO-EIGRP permit 10
match ip address EIGRP

access-list BLOCK_Routes remark BLOCK_Routes
access-list BLOCK_Routes standard deny any4

 

0 Helpful
5 Replies 5

Eric R. Jones
Level 4
Level 4

‎07-05-2021 08:41 PM

Have you tried the migration tool?
If your using 7.0 it's included in the FMC.
You can download it from the cisco site also.
It should convert that for you.
0 Helpful

akash.tiwari
Level 1
Level 1
In response to Eric R. Jones

‎07-05-2021 09:02 PM

Dear Eric,

Thanks for your response, that means on 7.0 version we can migrate all configuration like EIGRP, RA VPN?

 

i have tried with migration tool, FMC Ver is 6.4, Tool ver:2.3.5

 

but here are some limitations to configure EIGRP so we need to configure its manually. 

i am facing issue to confgure authentication key and that key need to map with in and out interfaces.

below is snap, could you please help us to write script.

 

 

Preview file
77 KB
Preview file
159 KB
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-06-2021 02:06 AM

You have the script already shown in your Screenshot_1 attachment. Just edit and save the variable values in your Object Management page of FMC:

Objects > Object Management > FlexConfig > Text Objects

0 Helpful

akash.tiwari
Level 1
Level 1
In response to Marvin Rhoads

‎07-06-2021 03:04 AM

Dear Marvin,

i have edited variables and tryied to add secret key, which one is already configured on cisco ASA, but i am facing same issue here to configure secret key here. Snap attached.

 

also please help to configure interfaces, can i go with default configuration.

Preview file
105 KB
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-06-2021 05:19 AM - edited ‎07-06-2021 06:22 AM

As noted in the screenshot, you need to modify the secret key to not include disallowed characters such as $ and space.

Interfaces depend on where you need to establish EIGRP neighbor relationships. Only include those FTD interfaces where that's required.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card