Weve all heard talk in this discussion group about bidding farewell to conduits and adopting access lists for PIX version 6.0 and the PIX Device Manager (PDM). The question churning in my brain is, what happens if I just put version 6.0 on my existing PIX running version 5.3(1). Is the configuration gone, will it be automatically converted? Also will my existing VPN tunnels and commands between my legacy PIXs still function?
Your conduits and Crypto maps will survive the conversion. I did this very thing 2 weeks ago. The only problem I had was I lost my Verisign Certificate, and had to re-issue the cert. The PDM will not work with any VPN commands from what I've seen in the documentation.
I doubt even when Cisco drops support for conduits that the upgrade process will do the conversion for you. There is too much of a possibility for breaking you config. You will have to manually convert from conduits to access lists and groups when the time comes.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...