Transferring running configuration from one PIX 506e to another

Nov 13th, 2007
It's been a while since working with PIX firewalls and one of ours in a remote location is starting to develop hardware issues (CPU fan). Trouble is, we've got it set to complete a static VPN tunnel to the location where I'm working at and the tunnel is a necessity for operations. I've been working on transferring the running-config from that (the PIX with the bad fan) to a new PIX 506e that we will use to replace it.

I've been using HyperTerminal and a console connection to capture the running -config as a text file, but when it comes to sending it to the newer PIX, I've been getting erroneous entries in the running config after doing so.

The older PIX is running IOS version 6.3(3), while the newer PIX is running 6.3(5). Is there something I'm missing either in the IOS version compatibility, or is it a matter of my procedure?

Any advice helps...

srue Tue, 11/13/2007 - 11:32
Personally, here's how I would do it:

copy small sections of the existing config to the newer 506e to see where your errors are and if they are relevant. Don't use hyperterminal though, unless you change the buffer size.

alanajjar Wed, 11/14/2007 - 06:00
The easiest way to transfer configuration from pix to another is to use tftp server.

issue PIX# copy run tftp

on the old pix, then it will ask you about the tftp server address and destination file name.

install the new pix, connect it to the TFTP by cross cable or through network, then issue PIX# copy tftp run

it will ask for the tftp and file name, choose the file name you save in previous step, the issue

PIX# copy run start to save the new configuration.


This Discussion