Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
495
Views
0
Helpful
4
Replies

Pix Config conversion

Go to solution
Lakeram Harrypersaud
Level 1
Level 1

‎01-10-2012 06:16 PM - edited ‎03-11-2019 03:12 PM

Hi Guys,

I am wondering if it's possible to convert a Pix 501 configuration running version 6.3(5) to a new ASA5505 which we just purchased? We have site to site VPN on this device and i am just trying to save some time. I believe Cisco TAC might have a tool to do this but i am not sure.

Any help will be greatly appreciated.

Thanks,

Lake

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎01-10-2012 06:21 PM

Hello,

I think this is what you are looking for:

http://www.cisco.com/en/US/docs/security/asa/migration/guide/pix2asa.html

Let me know if you need something else.

Rate this post if it helps you.

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-10-2012 07:19 PM

Note that if you use the tool Julio pointed to, you would have to be running ASA software 7.x t be compatible with the tool command syntax-wise.

That would be a downgrade from anything currently shipping (the last 7.2 release was in early 2010). If you went that route, you'd be best served by then subsequently upgrading to 8.x (anything pre 8.3 - such as 8.2(5)) and then finally to the current ASA release - 8.4(2). I  believe the TAC would even suggest a stop along the way at 8.0 just to be on the safe side.

Unless you have a whole lot of complicated configuration, you'd probably be better served by just parsing out the old Pix config and building it anew in ASA 8.4(2) from the get-go. Use ASDM if you're not comfortable with the CLI. A Pix is unlikely to have much more than some access-lists, NATs / NAT exemptions and VPN tunnels. All of that can be easily built fresh in a new ASA.

It's a good opportunity to validate and completely understand your configuration.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎01-10-2012 06:21 PM

Hello,

I think this is what you are looking for:

http://www.cisco.com/en/US/docs/security/asa/migration/guide/pix2asa.html

Let me know if you need something else.

Rate this post if it helps you.

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Lakeram Harrypersaud
Level 1
Level 1
In response to Julio Carvajal

‎01-10-2012 07:24 PM

Thank you

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-10-2012 07:19 PM

Note that if you use the tool Julio pointed to, you would have to be running ASA software 7.x t be compatible with the tool command syntax-wise.

That would be a downgrade from anything currently shipping (the last 7.2 release was in early 2010). If you went that route, you'd be best served by then subsequently upgrading to 8.x (anything pre 8.3 - such as 8.2(5)) and then finally to the current ASA release - 8.4(2). I  believe the TAC would even suggest a stop along the way at 8.0 just to be on the safe side.

Unless you have a whole lot of complicated configuration, you'd probably be better served by just parsing out the old Pix config and building it anew in ASA 8.4(2) from the get-go. Use ASDM if you're not comfortable with the CLI. A Pix is unlikely to have much more than some access-lists, NATs / NAT exemptions and VPN tunnels. All of that can be easily built fresh in a new ASA.

It's a good opportunity to validate and completely understand your configuration.

0 Helpful

Go to solution
Lakeram Harrypersaud
Level 1
Level 1
In response to Marvin Rhoads

‎01-10-2012 07:25 PM

Thank you. I truly appreciate all your help.

Regards,

Lake

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card