Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
518
Views
0
Helpful
4
Replies

vFMC Migration

gcook0001
Level 1
Level 1

‎01-05-2023 08:51 AM

I am getting ready to perform a migration for my vFMC. Currently, our FMC is licensed for 2 devices. We are currently adding a third firewall so we need to create a new vFMC with the new license. According to our rep we can't just add the new license to the current install. From what I understand reading some documentation to perform the migration I need to perform the following steps.

on the current fmc

- backup the configuration

- backup the manged devices

shut down the current fmc

start the new fmc

- restore the managed device backups

- restore the configuration backup

I am not sure about how the licensing will work since we currently have the two licenses. How do I make sure the new FMC gets the correct license.

Is there anythig I am missing?

 

Thanks

 

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎01-05-2023 09:02 AM - edited ‎01-05-2023 09:03 AM

vMFC can supprt up to 25 devices. what is the reason of creating new vFMC

are you creating new vFMC due to resource issue ? what is the reason for new vFMC ?

Management Center Virtual Licenses

The management center virtual License is a platform license, rather than a feature license. The version of virtual license you purchase determines the number of devices you can manage via the management center. For example, you can purchase licenses that enable you to manage two devices, 10 devices, 25 devices, or 300 devices.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fmcv/fpmc-virtual/fpmc-virtual-intro.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

gcook0001
Level 1
Level 1
In response to balaji.bandi

‎01-05-2023 09:53 AM

Our current license only supports two devices. We are adding a third device. You can't apply the license for 10 devices to a installation that is licensed for 2. Therefore, we need to create an new install using the new license and migrate the settings.

0 Helpful

Marius Gunnerud
VIP
VIP
In response to gcook0001

‎01-05-2023 02:40 PM

I find this very strange that your "rep" has said you need to reinstall the FMCv because of the license.  Are you using Smart licensing or legacy licensing?  I am leaning towards legacy as this type of issue is easily solved in smart license.  If you are using smart license it is just a matter of adding the new entitlement license into the smart account and you are good to go.

As for the migration you should not need to restore the device backups but they are good to have in case of a disaster scenario.  But for the FMCv restore I would do something like the following.

1. backup FMC
2. backup managed devices
3. power off or remove the existing FMCv from the network
4. power on and configure management on the new FMCv
5. configure remote storage device for the new FMCv
6. restore the backup to the new FMCv
7. verify that devices are showing as registered under the devices tab
8. access CLI on the FTD devices and verify "show managers" is registered to the new FMCv
9. verify that there are no pending deploy jobs

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-06-2023 07:17 AM

Your rep is giving you bad info. As @Marius Gunnerud  and @balaji.bandi said, you do not need to rebuild your FMC.

While it is true that licenses don't "stack" (i.e. you cannot buy 2 each 2-device licenses to manage 4 firewalls), you can replace an existing 2-device license with a 10 (or 25) device license and be done with the job in about 2 minutes.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card