Upgrading my 506e to 5510

Unanswered Question
Jun 20th, 2007
User Badges:

I received my new Cisco 5510 and am starting planning to start the installation later this week. My question is, "Is there a simple upgrade procedure to configure the new unit?"


Can I export the configuration or access rules and import them into the new unit? Should I just print off the configuration, all of 8 access rules, and just add them? What is recommended?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
1cmerchant Wed, 06/20/2007 - 06:14
User Badges:

Since the Pix 506E runs v6.x code and the ASA 5510 runs v7.x code, you should do the configuration from scratch. There are enough differences between the two that you probably can't just 'cut and paste' the 506E config into the ASA 5510 without experiencing problems. I'd reccommend just doing the configuration via a console cable, just to familiarize yourself with the command syntax differences, etc.


I actually like the v7.x syntax, as it is a bit more like 'regular' IOS commands in that you get interface configuration modes, etc.


Carl

froggy3132000 Thu, 06/21/2007 - 04:00
User Badges:
  • Bronze, 100 points or more

If you remove pdm from the 506E, you can get 7.X code on it and then move the configuration over to the ASA.

Sluggofish Thu, 06/21/2007 - 04:21
User Badges:

My forte is not hardware but out of necessity I am the go to guy here at work. If you have the time can you provide a bit more detail? What do you mean by remove the pdm (Pix Device Manager) from the 506e? Thanks.

srue Thu, 06/21/2007 - 05:06
User Badges:
  • Blue, 1500 points or more

i did a bunch of pix515 6.3 to 7.x upgrades and i found the easiest way was to copy/paste small sections from the old 6.3 config into the new device. in most cases, even where the syntax has changed, 7.x will automagically convert it to the new syntax.

some commands are longer there at all though...two of the most popular that come to mind include:

fixup commands

conduits

interface configs

and failover (but 506's dont support failover so you're ok here)


fixup has been replaced by the inspection policy-maps (which shoudl be in the new device by default)

and conduits were replaced by ACL's.


can you really get 7.x to run on a 506 if you take pdm off? that's cool...

froggy3132000 Sun, 06/24/2007 - 06:02
User Badges:
  • Bronze, 100 points or more

start by copying pdm from tftp to flash


copy tftp://10.10.10.10/pdm-304.bin flash:pdm


Once that starts going, either pull the cable or stop your tftp server. It will then begin removing pdm from the pix. Now you can tftp 7.X code to the pix.


Of course this is not supported.

Actions

This Discussion