cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
335
Views
6
Helpful
2
Replies

PIX to FWSM conversion

mrahman0302
Level 1
Level 1

Hi,

Is there any tools available for converting PIX config to FWSM? I know that there is a tool called SCT for Checkpoint to PIX or FWSM conversion. Any idea?

2 Replies 2

Hi,

Cisco does not have a tool available for this, though I'm not sure if you could find a 3rd party one.

The conversion should be pretty straight-forward as the code is fairly similar. PIX 6.x commands will line up with FWSM 2.x, whereas PIX 7.x commands will line up with FWSM 3.x.

One major difference to keep in mind is that physical interfaces on the PIX will become VLAN interfaces on the FWSM.

Here are some links to the command references, which should help you work through the migration:

PIX 6.x Command Reference:

http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/cmdref.html

PIX 7.x Command Reference:

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/cmd_ref.html

FWSM 2.x Command Reference:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm23/command/reference/fwsm_ref.html

FWSM 3.x Command Reference:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/command/reference/fwsm_ref.html

Hope that helps.

-Mike

Farrukh Haroon
VIP Alumni
VIP Alumni

Please keep in mind some fundamental differences between FWSM and PIX. For example FWSM needs an ACL applied in the incoming direction on EACH vlan interface to pass traffic. There are other caveats also based on your current PIX config. VPNs are not supported on FWSM (except for Management).

Regards

Farrukh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: