So I have a new project upgrading our old 5510 over here to 5515x. 5510 is running 8.2 and 5515x will run 9.x From what I have read I won't be able to easily just copy running config and slap it on a new 5515x. Does anybody know whether Cisco introduced drastic cli config change? What features will most likely need my attention the most? I have never worked with 9.x yet so not sure what changed and what didn't. I hear commands for NATing sort of changed....
The other bit to note are any "outside-in" access-lists. The old code referenced the NATted address for any public facing servers. The new syntax refers instead to the real IP address of the server(s) in the ACL.
It's only an issue if you have some static NAT or PAT and are allowing inbound access.
A few commands (like nat control for example) have been deprecated. If you move in your old config a couple of lines at a time you can watch for errors as the parser reads them and adjust accordingly.
Setup the new unit in an offline lab and you can check out all the syntax errors ahead of time.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...