I just started with an organization that did an ASA to Firepower conversion and then significantly modified and updated the Firepower configuration. The Firepower is not yet in production. Looking at the history of the ASA (a 5520), I think ages ago when it was converted from 8.2(5) to 8.4(x), the autoconversion process threw in many, many unneeded NAT rules. There are 1,436 NAT statements, and fewer than 120 are needed. Consequently, all 1,436 rules are in the Firepower, along with another 100 or so lines of configuration.
The bulk of the reconfiguration on the Firepower has been with reorganizing the ACLs, e.g. reorganizing some, removing a few more, and sorting by interface.
What I'd like to do is the following:
1) Clean up the ASA. I have identified all changes and have a text file with all information.
2) Strip out information from the ASA configuration for the portions I want to keep on the Firepower (specifically the ACLs).
3) Do some magic (this is where I need help) that will remove thousands of extraneous entries from the Firepower, convert the desired portions of the ASA configuration into what the Firepower can ingest, and merge things together.
I thought about saving the Firepower configuration, converting the ASA configuration, copying the converted ASA configuration into the appropriate Firepower section, re-uploading the resulting configuration into Firepower, and being off on my way. Will this work? Is there a better way? Will this not work? Unfortunately, I don't have another Firepower to test this on, and I live about 3 hours from where the Firepower is currently located. Thanks for any advice.
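For step 2 above, an added example (not part of the original post) of pulling the ACLs out of a saved ASA running-config, grouping them by the interface they are bound to, and counting NAT statements so the cleanup can be checked against the expected totals. The sample configuration is constructed, and the function names `split_config` and `acls_by_interface` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in ASA 8.4-style syntax; not taken from the post.
SAMPLE_CONFIG = """\
object network WEB01
 host 10.1.1.10
 nat (inside,outside) static 203.0.113.10
object network OLD-AUTO-1
 subnet 10.9.0.0 255.255.0.0
 nat (inside,outside) static 10.9.0.0
access-list OUTSIDE_IN extended permit tcp any object WEB01 eq 443
access-list OUTSIDE_IN extended deny ip any any
access-list INSIDE_OUT extended permit ip 10.1.1.0 255.255.255.0 any
access-list UNUSED extended permit ip any any
nat (inside,outside) source static any any destination static OLD-AUTO-1 OLD-AUTO-1
access-group OUTSIDE_IN in interface outside
access-group INSIDE_OUT in interface inside
"""

def split_config(text):
    """Separate access-list lines, access-group bindings and NAT statements."""
    acls = defaultdict(list)  # ACL name -> its lines, in original order
    bindings = {}             # ACL name -> (direction, interface)
    nat_lines = []            # object NAT and twice NAT statements
    for raw in text.splitlines():
        line = raw.strip()    # object NAT lines are indented under the object
        if line.startswith("access-list "):
            acls[line.split()[1]].append(line)
        elif line.startswith("access-group "):
            m = re.match(r"access-group (\S+) (in|out) interface (\S+)", line)
            if m:             # the "global" form has no interface; skipped here
                bindings[m.group(1)] = (m.group(2), m.group(3))
        elif line.startswith("nat ("):
            nat_lines.append(line)
    return acls, bindings, nat_lines

def acls_by_interface(text):
    """Return ({(interface, direction): lines}, [ACL names with no access-group])."""
    acls, bindings, _ = split_config(text)
    ordered = sorted(bindings.items(), key=lambda kv: kv[1][1])
    grouped = {(iface, d): acls.get(name, []) for name, (d, iface) in ordered}
    unbound = sorted(set(acls) - set(bindings))
    return grouped, unbound
```

An ACL listed as unbound is not necessarily unused: ACLs are also referenced from crypto maps, class-maps and similar statements, so check those references before dropping it.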