09-29-2021 02:26 PM
I have powered up my two new FTD 1140s, Given each management interface an IP, and specified the FMC ip address and regkey. The FMC I specified currently manages the Firepower services for my two ASA 5515xs. I am following the "Firepower Threat Defense Deployment with FMC" guide. At this stage I am supposed to
1.) Obtain feature licenses
2.) Generate a license token for the FMC
3.) Register the FMC with the Smart Licensing Server
4.) Register the FTD with the FMC
5.) Configure a basic security policy
Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC. Probably not step 4.
I will be using the Migration tool eventually to push the primary ASA to one of the FTDs.
Any info would be appreciated.
Thanks
Solved! Go to Solution.
09-29-2021 08:53 PM
"Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC."
No - not at all.
Your ASA firepower service modules use classic licenses which can coexist with Smart licensing on a given FMC.
The policies (Access Control, Prefilter, SSL, NAT, Platform) which you associate with your FTD devices are generally separate from those associated with the managed Firepower service modules. They can share some ancillary policies such as like Intrusion, Network Discovery, and Identity.
09-29-2021 03:34 PM
You will need smart licensing for FTD but that's pretty much it. As long as your FMC version is new enough, you can add the FTDs. There is a process for migrating ASA to FTD on existing FMC.
09-29-2021 08:53 PM
"Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC."
No - not at all.
Your ASA firepower service modules use classic licenses which can coexist with Smart licensing on a given FMC.
The policies (Access Control, Prefilter, SSL, NAT, Platform) which you associate with your FTD devices are generally separate from those associated with the managed Firepower service modules. They can share some ancillary policies such as like Intrusion, Network Discovery, and Identity.
09-30-2021 05:32 AM
Thanks Marvin,
As always great info.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: