cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1154
Views
0
Helpful
3
Replies

FTD integration to existing FMC

ethutchinson
Level 1
Level 1

I have powered up my two new FTD 1140s, Given each management interface an IP, and specified the FMC ip address and regkey. The FMC I specified currently manages the Firepower services for my two ASA 5515xs. I am following the "Firepower Threat Defense Deployment with FMC" guide. At this stage I am supposed to

 

1.) Obtain feature licenses

2.) Generate a license token for the FMC

3.) Register the FMC with the Smart Licensing Server

4.) Register the FTD with the FMC

5.) Configure a basic security policy

 

Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC. Probably not step 4.

I will be using the Migration tool eventually to push the primary ASA to one of the FTDs.

 

Any info would be appreciated.

 

Thanks

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

"Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC."

No - not at all.

Your ASA firepower service modules use classic licenses which can coexist with Smart licensing on a given FMC.

The policies (Access Control, Prefilter, SSL, NAT, Platform) which you associate with your FTD devices are generally separate from those associated with the managed Firepower service modules. They can share some ancillary policies such as like Intrusion, Network Discovery, and Identity.

View solution in original post

3 Replies 3

John Hinckley
Level 1
Level 1

You will need smart licensing for FTD but that's pretty much it.  As long as your FMC version is new enough, you can add the FTDs.  There is a process for migrating ASA to FTD on existing FMC.  

Marvin Rhoads
Hall of Fame
Hall of Fame

"Will doing this mess around with the ASA with Firepower Services I am already managing with this FMC."

No - not at all.

Your ASA firepower service modules use classic licenses which can coexist with Smart licensing on a given FMC.

The policies (Access Control, Prefilter, SSL, NAT, Platform) which you associate with your FTD devices are generally separate from those associated with the managed Firepower service modules. They can share some ancillary policies such as like Intrusion, Network Discovery, and Identity.

ethutchinson
Level 1
Level 1

Thanks Marvin,

 

 As always great info.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: