Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
976
Views
0
Helpful
1
Replies

Help with migration from 5585 (ASA) to 4115

electrik_one
Level 1
Level 1

‎09-10-2021 04:28 PM

I am tasked with migrating from a pair of 5585 (ASA, not FP), to a pair of FP4115.

 

I am new to the FP platform, so I am a little lost, as this is very different from the old ASA hardware platform. FInding the proper info on Cisco.com has proven difficult.

 

This firewall is for an internal zone, so just straight firewall (no vpn, no IPS, etc..).  The firewalls are in HA (A/P)

 

1 - How do I put the 4115 into appliance mode, so as to make it "just"ASA? I found documentation for the 2100, but i can't any for the 4100 series. We only need one instance of ASA.

 

2- For HA (A/P), is it done at the FP/FXOS level (clustering), or can it be fully managed from the ASA/ASDM?

 

3-Are port channels and VLAN's configured at the FXOS level, or just the ASA level?

 

4- Is there a particularly recommended version for FXOS and ASA on FP?

 

5 - There is the dedicated management port. I know I need that for FXOS, but when I try to add the ASA "application¨, it seems to require a separate interface to be set to MGMT at the FXOS level, meaning one less interface available for data. We manage our old one inline, so I am bit confused as to this requirement. 

 

I know these are some basic questions about the FP platform. I appreciate any assistance I can get to help me get moving on this migration. 

 

 

 

 

0 Helpful
1 Reply 1

Amine ZAKARIA
Spotlight
Spotlight

‎09-10-2021 07:35 PM - edited ‎09-10-2021 07:39 PM

@electrik_one ,

 

1- This is the procedure on how to install ASA on FPP 4100 Series :
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp4100/firepower-4100-gsg/asa_deploy.html

This is a youtube video for the procedure : 
Bootstrap Firepower 4100/9300 appliance and install ASA software as the Logical Device.

 

2- ASA/ASDM Level

 

3-ASA Level

 

4-For FPP 4115 the ASA Version Golden Star 9.14.2 (Recommended), 

https://software.cisco.com/download/home/286323333/type/280775065/release/9.14.2%20Interim

 

For the FXOS this is quoted from Cisco Documentation:

And the last FXOS For 4115 for now is 2.10.1.166

https://software.cisco.com/download/home/286323333/type/286287263/release/2.10.1.166

 

5-The video shows how to set the MGMT for ASA level.

 

--

Don't forget to rate helpful posts

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card