Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Migration from PIX to ASA with same DMZ

How can I migrate from a pix firewall to a ASA firewall using the same DMZ. doing this so there will be no changes to the ip's in the DMZ. I have tried to NAT the inbound DMZ of the ASA which gives the ASA's IP addres to internal DMZ servers. Works as long as there is not a load balancer which we use. Anything behind the load balancer will send reply https packets to the ASA, but the ASA will drop them.

2 REPLIES
New Member

Re: Migration from PIX to ASA with same DMZ

Your question isn't very clear. Are you doing a drop in replacement of a PIX with an ASA? If so that should be pretty simple given that you've duplicated the configuration on the old PIX to the ASA. If you're trying to do something like run both firewalls at the same time, then that's going to get complicated real quick.

New Member

Re: Migration from PIX to ASA with same DMZ

Yes we are trying to run both at the same time. An easier idea would be to put multiple NICs in the DMZ servers and run two seperate DMZ'z. Not an option as I have walked into the situation. Company wants to test and slowly migrate to the new ASA firewall. Any ideas??

138
Views
0
Helpful
2
Replies
CreatePlease to create content