11-19-2017 10:28 PM - edited 02-21-2020 06:47 AM
Dear Experts,
I am planning to ASA hardware migration from ASA 5510 (ver 8.2) to ASA5516-X (ver 9.6).
I would like to get your help/advise for my migration.
1) what is the best way of this migration fro 5510 ver 8.2 to ASA5516-X (ver 9.6)
2) Is there any better tools for NAT and ACL?
3) Is there any chart or link of different versions of NAT and ACL setup CLI command?, so that I can compare my current config to modify for new ver.
4) kindly provide your advise for this migration.
Thank you so much in advance.
Solved! Go to Solution.
11-19-2017 10:50 PM
The first step is to clean up and review your existing configuration. Make sure you understand what you have and what's necessary.
I have used the tools at tunnelsup.com to good end in doing both the cleanup and NAT conversion. I find their NAT conversion cleaner and more reliable than what's built into the parser that runs when doing an inline upgrade (something you don't have available since you are moving between platforms).
Your 5516-X will have different interface numbering than the 5510 so you will have a bit of work to do in changing the configuration to take that into account. There's not an easy shortcut for that as an end user.
if you're a partner or working with one, Cisco has an internal migration tool that can be used to prepare the new configuration offline. It's not a 100% substitute for a qualified and informed firewall engineer / admin but it is helpful for the larger configurations with lots of lines.
11-19-2017 10:50 PM
The first step is to clean up and review your existing configuration. Make sure you understand what you have and what's necessary.
I have used the tools at tunnelsup.com to good end in doing both the cleanup and NAT conversion. I find their NAT conversion cleaner and more reliable than what's built into the parser that runs when doing an inline upgrade (something you don't have available since you are moving between platforms).
Your 5516-X will have different interface numbering than the 5510 so you will have a bit of work to do in changing the configuration to take that into account. There's not an easy shortcut for that as an end user.
if you're a partner or working with one, Cisco has an internal migration tool that can be used to prepare the new configuration offline. It's not a 100% substitute for a qualified and informed firewall engineer / admin but it is helpful for the larger configurations with lots of lines.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide