We've purchased a used Cisco PIX 515E firewall that we are using to replace a previous firewall of the same model. I have successfully copied the configuration from the old unit to the new via TFTP. Everything appears to be working normally, except that on boot-up, there are several errors displayed. There are about a dozen of them, but all fall into one of two categories. Either they reference keyword "outside" as "probably missing" or they say "crypto map" has "incomplete entries". Samples of each type are posted below.
Can someone point me in the right direction as to what these errors mean and how to correct them?
*** Output from config line 493, "nat (inside) 1 192.168.4..."
WARNING: Binding inside nat statement to outermost interface.
WARNING: Keyword "outside" is probably missing.
*** Output from config line 498, "nat (inside) 1 192.168.9..."
........WARNING: crypto map has incomplete entries
All your NAT and static commands are wrong. I am not sure how you say things work.
All your "nat (outside)" should instead be "nat (inside)"
All your "static (outside,inside)" should have been "static (inside,outside)"
You will have copy them all to notepad. put "no" in front of each to remove them, then correct each one of them and paste the corrected lines.
no nat (outside) 1 192.168.0.0 255.255.255.0
nat (inside) 1 192.168.0.0 255.255.255.0
For the statics, do the same
no static (outside,inside) tcp x.x.xxx.xxx https XXXX https netmask 255.255.255.255
static (inside,outside) tcp x.x.xxx.xxx https XXXX https netmask 255.255.255.255
To remove the crypto config you can do :
clear config crypto
clear config isakmp