Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
377
Views
0
Helpful
3
Replies

VPN 3000 to ASA 5545X Migration

satya mothukuri
Level 1
Level 1

‎07-08-2014 03:13 AM - edited ‎03-11-2019 09:26 PM

 

  Hi All,

  we have a plan to migrate our VPN 3000 to ASA 5545x. I need to know the following points.

  1. Is there any tool for converting the config of vpn 3000 to ASA?
  2. can i create the config in ASDM demo mode and upload the same config to real ASDM(real ASA)?
  3. Whan kind of approch we have to follow?
  4. Do any one have the action plan?
  5. Is there any document for step by setp convertion.

Thanks inadvance.

Regards,

Satya.M

 

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-08-2014 08:15 PM

Sorry but there's no quick and easy way.

Re your specific questions:

1 & 2. No.

3 & 4. Analyze functions of your VPN 3000 setup and make notes. Study and learn ASA VPN capabilities and how to implement them. Note new features available and make an informed decision about any you choose to use. Build VPN in your lab and confirm it works as desired. Transition to production use along with good communications to users about changes and how to understand them. How much really depends on how you are using the system and your users' comfort level with technology change.

5. No.

0 Helpful

satya mothukuri
Level 1
Level 1
In response to Marvin Rhoads

‎07-10-2014 09:18 PM

 

 

Thanks Marvins ...

 I was going tru all this things, but to make thing faster and confident i have requested this.

 

Cisco has some tool's like beta tool etc...so looking for them, if they really help. I know nothings works as plug n play at core level.

 

Regards,

Satya.M 

0 Helpful

nkarthikeyan
Level 7
Level 7

‎07-11-2014 12:33 AM

Hi Satya,

Please follow the below mentioned steps to make your things simpler and you can gain more confident in doing it.

 

1) 1st collect the VPN settings what you have deployed in VPN concentrator.... have that information handy with you, which should include the access information for the vpn users.

2) ASA has different VPN options to do with IPSec RA /  Anyconnect / L2L etc. You can choose the VPN option which you are planning to migrate.

3) If you have the spare public IP... then you can build the parallel setup using a new public ip and have the VPN setup created and test it end to end... then you can either migrate to the IP of the VPN concentrator or a new IP itself.

 

in ASA Conf t#  vpnsetup ipsec-remote-access steps

will give you config example of ipsec RA... also you can find information for site to site, ssl vpn, l2tp vpn as well.... this will give you the simple information about VPN.... you can add the setup based on your requirement.... like 3rd party authentication.... etc as per your requirement.

 

Regards

Karthik

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card