02-23-2017 07:22 AM - edited 03-12-2019 01:58 AM
Hi All,
Over two years ago we replaced an aging ASA 5550 with a Palo Alto PA-5050. Palo Alto had a nice conversion tool that I was able to use to migrate the config from our ASA to the PA. Fast forward two years, and long story short, the Palo Alto gave us a lot of problems. Our maintenance was up, and we were outgrowing the device, so we purchased a Firepower 4110 knowing that Cisco had upped their game with the NGFW.
Now I'm stuck with 700+ NAT entries and 700+ ACLs in the PA that I need to migrate to the Firepower. I have the FTD provisioned, and my FMCv VM registered, and I'm able to start configuring rules.
Is there a way to mass import rules to the Firepower? I can pull them easily from the CLI on the PA. They're in XML format. My zones are the same, obviously I would have to create ports possibly.
Any guidance is greatly appreciated!
-Mike