good evening!
im tasked to move a pair of 4115s in HA (7.0.5) that currently run several s2s vpns, 5 anyconnect portals, ospf, nat, etc to a new FMC.
The ftds are currently being managed by a FMC1000 in version 7.0.5. The new FMC is using 7.2.5 and i...
Hi
Im tasked to move an HA 4115 FTD to a new FMC. We are going from Physical to Virtual so sadly this does not comply with the supported fmc model migration path shown here:
https://www.cisco.com/c/en/us/td/docs/security/firepower/fmc_model_migration...
Good afternoon,
Im currently trying to migrate a asa 5525 with a couple of vpns, subinterfaces, ACLs and nats using FTM to a FTD version 7.2 running on VMware.
everything is being migrated as expected but im getting an error right before I "Validate"...
Good Morning ISE admins,
Im currently checking if this architecture works as intended.
We have a client that wants to enable Microsofts MFA for their anyconnect users using an ASA as an SP for SAML but keep ISE as their policy enforcement (dacls base...
Hello
This is the current topology:
CISCO 1800 ---- SOHO Linksys router (1)------INTERNET--------- SOHO Linksys Router (2) ------ Andorid/Apple device
The SOHO Linksys router (1) is port forwarding UDP ports 500 and 4500 to the Cisco 1800, the prob...
Thanks, that clears things up
As a workaround of this (before knowing your plan) i was thinking on reusing the mac addresses of the primary FTD when i failover to the standalone ftd (previous secondary) managed by the new FMC so there would not be an...
HI!,
Thanks for the detailed steps. But im kind of lost as to why breaking HA would mean a complete outage. There would still be an active firewall with the original config.
Besides that, on step 7, is there a reason to run a failover previous to dis...
Hi!New FMC is 2600.I cant backup and restore because these two FMCs currently manage different FTDs with different configuration. I only need to import the config of this specific set of 4115s.Im covered on the NAT/ACP/intrusion policy side with the ...
Thanks!
This is the workaround i was looking for.
But my original question still stands. If i were to migrate the FMC withhout using this script. Would I need to migrate all the vpn configuration manually?
