Saving the Cisco source configuration file
Before starting the conversion wizard:Cisco, save a copy of your configuration file to the computer where FortiConverter is installed.
To get the configuration, you can use the CLI commands:
terminal length 0
show running-config
Copy and paste the outputs into a plain text file.
Save the LINA configuration from Cisco FTD
Cisco FTD (Firepower Threat Defence) has two modules and maintain policies on both modules:
- LINA (layer 4 only)
- SNORT (layer 7 inspection)
FortiConverter tool can only support FTD's LINA component but not SNORT IPS engine rules.
To extract FTD LINA module configuration, please use the CLI commands:
system support diagnostic-cli
enable(press enter)
show running-config
Copy and paste the outputs into a plain text file.
Saving and naming for multi-context configuration file
If your Cisco device contains multiple contexts, please follow the steps below to prepare the input files of FortiConverter:
- Switch to the system execution space using the command:
- Switch to each context using the command:
- Open the system file and find the context definitions inside, and rename the context config file using the names after keyword config-url disk0:/.
- Archive all the context config files into a ZIP file.
- Input the configs as below to do the conversion:
changeto system
Then use the commands given previously to show the system configuration, and save it into a single file.
changeto context <context-name>
Save the configuration of each context into a single file separately. It is fine to skip the contexts you don’t want to convert.
For example, in the screen shot below, the system file contains the definition of context "admin", "test_second" and "third". Then according to the definition, rename the config of the context "admin" as "admin.cfg", context "test_second" as "test_second.cfg", and context "third" as "third.cfg".