Solved: Migration from ASA to FPR 2110

fpiccioni · ‎11-18-2020

Hi

I have to migrate ASA 5510 to FPR 2110. Looking in the forums, I found we can use Migration Tool , however the procedure use Firewall Management Center FMC.

We do not buy FMC because FPR 2110 should be manageable without it

Is there a way to migrate configuration or I have to do manually?

Thanks

Regards

Rob Ingram · ‎11-20-2020

You cannot migrate from ASA to FMC and then migrate from FMC to FDM management. You'd have to continue to use FMC.

If you wish to manage the new device using local management (FDM), then you'll either have to do it manually or use CDO's migration functionality (as per guide above). CDO relies on FDM anyway, so once migrated, you can then either manage the device locally via FDM or CDO.

HTH

View solution in original post

Rob Ingram · ‎11-18-2020

Hi @fpiccioni

If you intend to migrate your ASA configurations to FTD devices and manage them with Firepower Device Manager (FDM), use the cloud-based process in CDO to migrate your ASA configurations. You can then use FDM to manage your configuration.

This is documented here.

https://www.cisco.com/c/en/us/td/docs/security/firepower/migration-tool/migration-guide-CDO/ASA2FTD_Using_CDO/ASA2FTD_with_FP_Migration_Tool_cdo_chapter_011.html

If you don't have CDO or don't wish to purchase it then you'd have to migrate manually.

HTH

fpiccioni · ‎11-20-2020

Hi

thanks for helping.

The configuration I have to migrate is quite complex and I could make mistake (typing or others kind )

Could be an idea to install FMC using evaluation license?

Thanks

Rob Ingram · ‎11-20-2020

You cannot migrate from ASA to FMC and then migrate from FMC to FDM management. You'd have to continue to use FMC.

If you wish to manage the new device using local management (FDM), then you'll either have to do it manually or use CDO's migration functionality (as per guide above). CDO relies on FDM anyway, so once migrated, you can then either manage the device locally via FDM or CDO.

HTH