Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
706
Views
0
Helpful
5
Replies

Migration ASA with FMT FMC to FRP1140 device

sistemi10
Level 1
Level 1

‎04-18-2023 01:09 AM

Hi to all,

I've tried to migration the configuration  from old ASA configuration on new firepower 1140 using FMT + FMC (trial version) where FRP1140 was managed from FMC.

The migration process go correctly but now because the FMC it's a trial I need to export this configuration in some way for use this configuration with the FRP 1140 local managed instead of FMC managed.

And so I'd like ask to you it's possible export the configuration from device on board on FMC for use on FRP1140 standalone?

Thank you for any suggestion.

Best regards

 

0 Helpful
5 Replies 5

Rob Ingram
VIP
VIP

‎04-18-2023 01:41 AM

@sistemi10 unfortunately you cannot do that.

If you wish the new device to be locally managed using FDM, you can use CDO (get an eval) to export the ASA configuration and apply to the new FDM managed device or configure the new device manually.

https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide-CDO/ASA2FTD_Using_CDO/ASA2FTD_with_FP_Migration_Tool_cdo_chapter_0101.html

 

0 Helpful

sistemi10
Level 1
Level 1

‎04-18-2023 06:53 AM

Hi Rob, thank for the answer, I've tried to use the CDO with FRP 1140 (7.3.2) but I can't onboard the FTD on CDO.
I've tried with use cli registration key and the serial number on both Ive an issue like:
SseDeviceRegistrationResponseHandlerAction AWAIT_RESPONSE_FROM_readSseDeviceInfo POLLING_WAIT_BEFORE_CHECK_VERIFY_SSE_REGISTRATION

And the FTD can't onboard on CDO.

I've tried to onboard on a CDO tenant on eu (italy) I don't know if it make the difference.
The FTD it's cofigured with LAN private address behind a ASA (what i want replace) may be possible the ASA FW block the CDO communication?

Have you any suggestion for solve onboarding issue.

Thank you for any answer

 

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to sistemi10

‎04-18-2023 07:19 AM

Did you remove the FMC manager first? Please review the steps here if you haven't already:

https://docs.defenseorchestrator.com/index.html#!t_onboard-a-configured-ftd-using-the-devices-serial-number.html

0 Helpful

sistemi10
Level 1
Level 1
In response to Marvin Rhoads

‎04-19-2023 01:04 AM

Hi Marving,

yes I've remove the FRP1140 from FMC end enable the local manager, now I've noticed some inconsistencies in the CDO in claim section I read "....If the device has already gone through the initial setup, you must first manually register it to the cloud using FDM..."

But in FDM when go to Cloud Service Register section and click on register the link show the CDO registration, and so I'm in a loop.

And so the doubt is I need to register the device on Cloud with CDO (but not work) or with smart license and the try to add to CDO?

Thank you for any answwer

Best regards

 

0 Helpful

sistemi10
Level 1
Level 1
In response to sistemi10

‎04-19-2023 03:52 AM

I've tried the oboard process using the device serial, the process start but stopped with this message:

Registration Failed
Device registration failed. Please check Workflows for more details about the error. To retry onboarding, please click the 'Retry Onboarding' link below.
Additional Information
Cannot register the device with newer version
 
How can solve it?
 
Regards
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card