cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2271
Views
0
Helpful
10
Replies

How to migrate SFR policies and object on-the-box management to FMC?

erickflamenco
Level 1
Level 1

Hi Experts,

 

How do  I import a very huge Access-control Policy and a lot of objects, from SFR ASA5500x module with on-the-box management (ASDM) to Firepower Management Center FMC-ACP?

What´s you recommendation?

 

Thanks a lot for your response.

 

Erick

10 Replies 10

benolyndav
Level 4
Level 4

Hi

You use the ASA to FTD migration tool which can be downloaded from Cisco.com.

 

Thanks

Hi MassB

 

This tool is for ASA configuration  not for sfr configuration.

 

ASA 5585-X with ASA only (the Firepower Migration Tool does not migrate the configuration from the ASA FirePOWER module)

 

Thanks

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide/ASA2FTD-with-FP-Migration-Tool/b_Migration_Guide_ASA2FTD_chapter_0111.html#id_70647__Target

 

 

balaji.bandi
Hall of Fame
Hall of Fame

If you looking to Migrate from SFR to FTD follow the below guide : ( you need to register the SFR device with FMC first)

 

https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/213269-upgrade-procedure-through-fmc-for-firepo.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hi Balaji,

 

I´m not looking for upgrading the module, I´m looking for migration ACP and objects from on-box fo FMC.

 

Thanks.

Spyros Kasapis
Level 1
Level 1

Did you find anything ?

 

@Spyros Kasapis there is no tool to migrate policies etc. from a locally-managed ASA Firepower service module to FMC.

The only option is to manually recreate them.

Thank you Marvin .

 

 

Just to add to what Marvin has said, you could look into writing a script, using APIs, that gets the configuration from the FDM, converts the rule to be FMC compatible and then POST to the FMC.  Still a manual process but it will reduce human error.

--
Please remember to select a correct answer and rate helpful posts

Hello Marius ,

the rules are from srf not fdm .

Can you suggest a link to read ?

Sorry overlooked that this was SFR.  I did find this document on migrating ASA with SFR to FTD. Hope it helps.

https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide-fps/ASA2FTD-with-FPS-FP-Migration-Tool/b_Migration_Guide_ASA2FTD_chapter_0111.html

 

--
Please remember to select a correct answer and rate helpful posts
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: