09-10-2021 04:28 PM
I am tasked with migrating from a pair of 5585 (ASA, not FP), to a pair of FP4115.
I am new to the FP platform, so I am a little lost, as this is very different from the old ASA hardware platform. FInding the proper info on Cisco.com has proven difficult.
This firewall is for an internal zone, so just straight firewall (no vpn, no IPS, etc..). The firewalls are in HA (A/P)
1 - How do I put the 4115 into appliance mode, so as to make it "just"ASA? I found documentation for the 2100, but i can't any for the 4100 series. We only need one instance of ASA.
2- For HA (A/P), is it done at the FP/FXOS level (clustering), or can it be fully managed from the ASA/ASDM?
3-Are port channels and VLAN's configured at the FXOS level, or just the ASA level?
4- Is there a particularly recommended version for FXOS and ASA on FP?
5 - There is the dedicated management port. I know I need that for FXOS, but when I try to add the ASA "application¨, it seems to require a separate interface to be set to MGMT at the FXOS level, meaning one less interface available for data. We manage our old one inline, so I am bit confused as to this requirement.
I know these are some basic questions about the FP platform. I appreciate any assistance I can get to help me get moving on this migration.
09-10-2021 07:35 PM - edited 09-10-2021 07:39 PM
1- This is the procedure on how to install ASA on FPP 4100 Series :
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp4100/firepower-4100-gsg/asa_deploy.html
This is a youtube video for the procedure :
Bootstrap Firepower 4100/9300 appliance and install ASA software as the Logical Device.
2- ASA/ASDM Level
3-ASA Level
4-For FPP 4115 the ASA Version Golden Star 9.14.2 (Recommended),
https://software.cisco.com/download/home/286323333/type/280775065/release/9.14.2%20Interim
For the FXOS this is quoted from Cisco Documentation:
Firmware Upgrade—We recommend upgrading your Firepower 4100/9300 security appliance with the latest firmware. For information about how to install a firmware update and the fixes included in each update, see https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/firmware-upgrade/fxos-firmware-upgrade.html.
And the last FXOS For 4115 for now is 2.10.1.166
https://software.cisco.com/download/home/286323333/type/286287263/release/2.10.1.166
5-The video shows how to set the MGMT for ASA level.
--
Don't forget to rate helpful posts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide