Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Migration from PIX to FWSM

We are going to migrate all of our private (internal) DMZs from our PIX 525s to our FWSMs that are in our "core" 6509s. Has anyone done something similar to this? I would like to know if I can use CSM to help me convert the PIX config to the FWSM config, if possible.

1 REPLY
Silver

Re: Migration from PIX to FWSM

It is quite straightforward as both platforms use a common CLI. Now there have been significant changes between 6.3 and 7.0 (FWSM 3.1 is based on PIX 7.0). What I'd do is take the PIX 6.3 config and load it onto a lab unit. Upgrade the lab unit to 7.0. Copy the new config (it will automatically adjust to the new 7.0 CLI). Go the FWSM and rebuild your interfaces manually (FWSM is all about VLANs while PIX/ASA refer to physical interfaces and subinterfaces). Once that's done, you'll be able to copy/paste a large part of the PIX config into the FWSM. Features such as VPN and IPS won't work on FWSM but the rest should be accepted

with no major issues.

179
Views
0
Helpful
1
Replies
CreatePlease login to create content