So I recently acquired an ASA 5512-x to replace my old ASA 5505 to allow for more VPN connections. I was able to transfer most of the configurations from my ASA 5505 rather easily, but some of the commands didn't translate properly and I need some help. Below are the lines as they appear in the CLI of the 5505.
It seems to boil down to 3 command changes, but I have spent the last couple of days trying to find the answer on my own and haven't been able to get anywhere. Any help or guidance you could offer would be greatly appreciated.
I would highly recommend you do your upgrade on your 5505 first, THEN take that upgraded config and paste into the 5512X
That is the process I follow when upgrading to another appliance. Your config above tells me you are running pre-8.3 code on the 5505. What is the 5512X running, 9.1? If so, then upgrade 5505 to 9.1 and like I said before, copy/paste there
Keep in mind you will no longer be using "interface vlan 1" commands, so simply take the IP's from those on the 5505 and apply to the 5512 GigabitEthernet interfaces based on your needs (i.e., G0 Outside, G1 inside etc.)
The problem I find when going through the upgrade path on the ASA, is that the ASA adds a bunch of commands you don't really need. So I try to avoid upgrading the ASA automatically so I don't have to do a lot of cleaning up later. Having said that, if you have hundreds of NAT and ACL lines, then yes it will save a lot of time doing the upgrade instead of manually changing the commands.
I think it is just a matter of preference and how much time you can, or are willing to, allocate to the task.
Please remember to rate and select a correct answer
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :