Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
810
Views
0
Helpful
2
Replies

Upgrade 2130 to 2140 appliance

Go to solution
Dale Shaw
Level 1
Level 1

‎05-20-2022 05:21 AM

Hello, just after a bit of advice about the best method to replace FTD hardware managed by FMC.

Currently have 2130 HA pair that are to be replaced with a 2140 HA pair for performance requirements. The 2130 are managed by FMC and the new FTDs will also be managed by FMC.

 

Would the push device config or backup/restore methods work in this instance with them being 2100 series?

Or do we have to manually build the new appliance in FMC and assigning policies individually to match the existing configuration?

 

Regards

Dale Shaw

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎05-20-2022 05:27 AM

@Dale Shaw I wouldn't both backing up and restoring. I would configure them using new unique mgmt IP addresses, connect them to the FMC.  You can then assign the same data interface IP addresses (leave them shutdown), configure routing etc and assign the existing policies to the new FTDs. Then when ready to cutover, enable the interfaces and deploy policy.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎05-20-2022 05:27 AM

@Dale Shaw I wouldn't both backing up and restoring. I would configure them using new unique mgmt IP addresses, connect them to the FMC.  You can then assign the same data interface IP addresses (leave them shutdown), configure routing etc and assign the existing policies to the new FTDs. Then when ready to cutover, enable the interfaces and deploy policy.

0 Helpful

Go to solution
Dale Shaw
Level 1
Level 1
In response to Rob Ingram

‎05-20-2022 07:13 AM - edited ‎05-20-2022 07:16 AM

Thanks Rob, thanks you for the quick reply.  My initial thought was to do it as you have suggested. 

I just wondered if there was a method that removes some of the manual configuration steps as there are quite a few static routes to configure on this appliance.

 

Is it possible to use the push configuration feature in the device management section or backup/restore between different models in the same series?

 

Regards

Dale Shaw

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card