Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
3
Replies

FMC Migration 1to1 with active FTDs(HA)

alex.f.
Level 1
Level 1

‎10-17-2022 08:59 AM

Hi,
I recently had to migrate a FTD HA (tow FTD2130) from one FMC to a new one.
I installed the FMC in the exact Version and restored a five day old backup from the OLD FMC to the NEW FMC.
Everything was the same from the MGMT IP of the FTDs (10.0.0.x/24) to the MGMT Network of the old and new FMC (10.0.1.100/24), Certs, Policy's, RA VPN, S2S VPN, NAT, DHCP.
I have made these steps:
- FTD2 Active HA disabled on Console
- FTD1 passive HA disabled on Console
- FTD2 Active delete Manager on Console
- FTD1 passive delete Manager on Console
- FTD2 Active add Manager on Console
- new FMC add Device FTD2 (with Access Policy)

The FMC pushed the Access Policy on the active Device and did something unexpected.
It deleted all Zones from the Interfaces, all Routes, every NAT statement, DHCP, CERTS, VPN S2S and VPN RA.

How is this possible?
What did I wrong?

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎10-17-2022 10:38 AM

FTD2 active by config or is this failed over ? from FTD1 to FTD2 ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

alex.f.
Level 1
Level 1
In response to balaji.bandi

‎10-17-2022 10:54 PM

FTD2 was the active Device from the HA.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-17-2022 11:01 AM

In addition to an FMC restore, there is also a Device level backup/restore from within FMC. Restoring that type of backup (in addition to the FMC restore) would have allowed you to restore the zones, routes etc. you had configured specific to the devices.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card