Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Migrating from 5520 to 5525X

Hi Guys,

Currently we have a Cisco 5520 ASA running 8.2.5 IOS and we want to upgrade to the new 5525-X ASA. We only have 512Mb RAM in our current ASA.

I've been reading alot of documentation on how to migrate from the 5520 to 5525-X but what I gather is the old ASA needs to be a minmum of 8.3 IOS.

But in order for use to get to 8.3 is we need to upgrade the RAM on the old ASA first then upgrade the IOS to 8.3 or 8.4 then migrate to the new 5525-X.

Would it be more practical for me to manually do cut and paste the config into the new ASA?

Thanks,

Ross.

8 REPLIES
Hall of Fame Super Silver

Re: Migrating from 5520 to 5525X

You can either:

a. prepare the configuration offline converting the NAT entries (and potentially ACL entries if you have any outside-in ACL)

b. just import everything but those (cut and paste from running-config or just load the running-config without those lines  in the new -X and tweak as necessary) and create those entries manually, or

c. rebuild on new platform piece by piece.

A lot depends on how much is in your current config.Look at the migration as an opportunity to understand and validate every bit of it.

Cisco Employee

Re: Migrating from 5520 to 5525X

The easiest way would be to copy the .cfg file onto flash of the new device and then "copy disk0:/ running-configuration".

You can catch errors if any while parsing your configuration & it definitely does save manual efforts of copy/paste.

New Member

Migrating from 5520 to 5525X

Thanks.

We dont have any NAT rules so it looks like a simple cut and paste job then?

Cisco Employee

Migrating from 5520 to 5525X

What image are you upgrading to on 5525-X? If 9.0 or higher you'll have to check on ACL migration.

9.x has support for Unified ACL for IPv4 and IPv6.

New Member

Migrating from 5520 to 5525X

Yeah its 9.1 thats coming with the ASA-X

Hall of Fame Super Silver

Migrating from 5520 to 5525X

Yes, without NAT the job is pretty easy. Always doublecheck but definitely an easier migration.

If it's factory fresh it probably has 8.6 software. I'd recommend 9.0(2) or 9.1(2) as there a a few new features and many bug fixes in those releases.

You will probably need to activate your 3DES-AES license and add stong encryption to the ssl statement to properly manage the new ASA.Reference.

Please rate helpful replies.

New Member

Migrating from 5520 to 5525X

Thanks for your help. Just one quick questions how do you activate your license for 3DES-AES encryption? Is it through TAC?

Hall of Fame Super Silver

Re: Migrating from 5520 to 5525X

You're welcome. For the license you can go via TAC or via self-service portal here. (choose "Get New" then "IPS Crypto or Other license"

400
Views
5
Helpful
8
Replies