05-20-2022 05:21 AM
Hello, just after a bit of advice about the best method to replace FTD hardware managed by FMC.
Currently have a 2130 HA pair that is to be replaced with a 2140 HA pair for performance requirements. The 2130s are managed by FMC and the new FTDs will also be managed by FMC.
Would the push device config or backup/restore methods work in this instance with them being 2100 series?
Or do we have to manually build the new appliance in FMC and assign policies individually to match the existing configuration?
Regards
Dale Shaw
05-20-2022 05:27 AM
@Dale Shaw I wouldn't bother backing up and restoring. I would configure them using new unique mgmt IP addresses, connect them to the FMC. You can then assign the same data interface IP addresses (leave them shutdown), configure routing etc. and assign the existing policies to the new FTDs. Then when ready to cutover, enable the interfaces and deploy policy.
05-20-2022 07:13 AM - edited 05-20-2022 07:16 AM
Thanks Rob, thank you for the quick reply. My initial thought was to do it as you have suggested.
I just wondered if there was a method that removes some of the manual configuration steps as there are quite a few static routes to configure on this appliance.
Is it possible to use the push configuration feature in the device management section or backup/restore between different models in the same series?
Regards
Dale Shaw