Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
1505
Views
10
Helpful
1
Comments

FMT 2.3.4 adding ASA migrations of S2S VPN in public beta

William_Hansch
Cisco Employee
Cisco Employee
‎03-22-2021 08:00 AM

The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA:

  • Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center
  • VPN Objects—Creates VPN Objects (IKEv1/IKEv2 Policy, IKEv1/IKEv2 IPsec-Proposal), maps the VPN objects with the specific Site-to-Site VPN topologies, and migrates the objects to Firepower Management Center.
  • Site-to-Site VPN Topology—The crypto map related configuration in source ASA config are migrated with respective VPN objects. Policy-based (crypto map) VPN Topology are supported on FMC version 6.6 and above.

In this release, Firepower Migration Tool supports migration of static crypto map only. All supported ASA crypto map VPN will be migrated as FMC point-to-point topology.

Expect further enhancements and capabilities in the coming 2.4 release (planned for this summer).

If you have any questions, feedback or are looking for additional features, please engage fmt-feedback@cisco.com

For technical assistance, please contact Cisco TAC www.cisco.com/tac

1 Comment
peterjonus
Level 1
Level 1
‎04-13-2021 10:38 AM
‎04-13-2021 10:38 AM

Try adding the below to get it work, access-list vpn-nonat extended permit ip any

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents