Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX version conversion?


We’ve all heard talk in this discussion group about bidding farewell to conduits and adopting access lists for PIX version 6.0 and the PIX Device Manager (PDM). The question churning in my brain is, what happens if I just put version 6.0 on my existing PIX running version 5.3(1). Is the configuration gone, will it be automatically converted? Also will my existing VPN tunnels and commands between my legacy PIX’s still function?

Any thoughts?

Michael T. Fistler

Cisco CCIE #4503

Sr. Systems Engineer, Networking Concepts, Inc.

New Member

Re: PIX version conversion?

Your conduits and Crypto maps will survive the conversion. I did this very thing 2 weeks ago. The only problem I had was I lost my Verisign Certificate, and had to re-issue the cert. The PDM will not work with any VPN commands from what I've seen in the documentation.


DentiCom, Inc.

New Member

Re: PIX version conversion?

but the conduits are not convert in acl statement in my tests.

New Member

Re: PIX version conversion?

I doubt even when Cisco drops support for conduits that the upgrade process will do the conversion for you. There is too much of a possibility for breaking you config. You will have to manually convert from conduits to access lists and groups when the time comes.