I have a setup with 4 HA pairs of FTD's in the FMC Global domain all running 6.6.4.x. We intend to deploy many more, so have decided we need to segregate access based on geo-location of the FTD's. So I need to create new subdomains for the new FTD's around the world, to allow user access control to specific regions.
If I try to create a subdomain, then the system refuses to allow me to leave any FTD's in the Global domain, thus I need to move them all. These are in production & 2 sets are used as VPN hubs. The cisco documentation for this is laughable in its lack of specific detail. "the system will move what it can & delete what it can not" does NOT fill me with a warm fluffy feeling.
Has anyone done this ? Any pointers or advice ?
Thanks
Chris.