So i have a question, I’m thinking this is an easy fork over but i want to make sure im doing this right.
I have a older ASA 5540 that im forking over the code to a virtual ASA running on a firepower. I am wanting to make sure i get all the preshared keys on the old ASA so im thinking of just using a ftp server to copy the contents of the “more system: running configuration” command.
I was debating on is i should do this via CLI or ASDM. suggestions on how to make this easier?
Hello Michael
Migrating from an ASA to Firepower unfortunately is not that straightforward. In order to correctly migrate all of your configs, certificates, and preshared keys, Cisco recommends that you use the Firepower migration tool which will allow you to successfully transfer all of the functionality of the ASA onto the new platform. You can get more information about this procedure at this Cisco Documentation:
I hope this has been helpful!
Laz
Im not sure if there are other options here but im thinking this should be just a ASAv installed on the firepower as a virtual appliance. im not sure if thats done via the FMC or not. im kinda swimming in uncharted territory here. someone at the office mentioned about just copying all the context and the .cfg files over and it should be pretty straight forward. ill look over that migration tool document. im not sure how easy its going to be to get that tool on a secure domain.
Hello Michael
A search on the web will give you some solutions that some have implemented that would migrate your ASA to firepower with a simple copy of configs and various files, with some adjustments for the IP addresses and so on. However, such a solution is not best practice, as the use of the migration tool will ensure that all parameters (configurations, preshared keys, rsa keys etc) are migrated correctly and successfully. Ideally the migration tool should be used, but if you have the luxury of having a testbed in a lab environment to test both solutions, it may be worth examining…
Let us know how you fare with the endeavour.
I hope this has been helpful!
Laz