Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
332
Views
0
Helpful
1
Replies

Cisca ASA Migration

macboy276
Level 1
Level 1

‎08-27-2015 01:13 PM - edited ‎03-11-2019 11:30 PM

I have configure this on my ASA 5505. i would like to migrate to ASA 5512 which uses ASA Version 9.1 (2)

Can somebody help me convert this for latest software

name 192.168.2.50 Email_Gateway


access-list dmz_access_in remark ClearSwift TRUSTmanager Reputations server &
access-list dmz_access_in remark Broadcasting of greylisting data to peer Gateway

access-list dmz_access_in extended permit udp host Email_Gateway any eq 8007 

access-list dmz_access_in remark ClearSwift TRUSTmanager Reputations server &

access-list dmz_access_in extended permit udp host Email_Gateway any eq 19200 

access-list dmz_access_in remark DMZ DNS Outbound HTTPS

access-list dmz_access_in remark Broadcasting of greylisting data to peer Gateway

access-list dmz_access_in remark NTP Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 host FileServer_DNS eq ntp 
access-list dmz_access_in remark FTP
access-list dmz_access_in extended permit tcp host Email_Gateway host FileServer_DNS eq ftp 
access-list dmz_access_in remark ldap
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 host 192.168.2.78 
access-list dmz_access_in remark ldap
access-list dmz_access_in remark DMZ DNS Inbound Email Relay SMTP
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit object-group TCPUDP host Email_Gateway host FileServer_DNS object-group DNS 
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway host FileServer_DNS eq ldap 
access-list dmz_access_in remark LDAP Communication for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 host 192.168.2.78 object-group DM_INLINE_TCP_1 
access-list dmz_access_in remark DMZ DNS Forwarding to Outside for Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway gt 1023 object-group InternetDNS object-group DNS 
access-list dmz_access_in remark DMZ DNS Forwarding to Outside for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 object-group InternetDNS object-group DNS 
access-list dmz_access_in remark DMZ DNS FTP for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 any eq ftp 
access-list dmz_access_in remark HTTP for Email_Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 host 192.168.2.78 eq www inactive 
access-list dmz_access_in remark isa to plims1 vote portal
access-list dmz_access_in extended permit tcp host 192.168.2.20 host 192.168.2.10 eq 8200 
access-list dmz_access_in extended permit udp host 192.168.2.101 host 99.99.99.1 eq ntp 
access-list dmz_access_in remark HTTPS access to the Clearswift Update Server
access-list dmz_access_in extended permit tcp Inside_Subnet 255.255.255.0 gt 1023 host Email_Gateway eq https inactive 
access-list dmz_access_in remark DMZ DNS Forwarding to Outside
access-list dmz_access_in extended permit udp host PublicDNS object-group InternetDNS object-group DNS 
access-list dmz_access_in remark For Email  Gateway
access-list dmz_access_in extended permit icmp host Email_Gateway host 99.99.99.1 
access-list dmz_access_in remark ISA
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host 192.168.2.77 eq smtp 
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host Exch10 eq smtp 
access-list dmz_access_in remark DMZ DNS Inbound Email Gateway SMTP
access-list dmz_access_in extended permit tcp host Email_Gateway host Palpha eq smtp 
access-list dmz_access_in remark DMZ EMail Gateway outbound delivery
access-list dmz_access_in extended permit tcp host Email_Gateway any eq smtp 
access-list dmz_access_in remark DMZ DNS Outbound HTTPS for Email Gateway
access-list dmz_access_in extended permit udp host Email_Gateway object-group EmailGateway any eq 8007 
access-list dmz_access_in remark DMZ DNS Outbound HTTPS for Email Gateway
access-list dmz_access_in extended permit tcp host Email_Gateway gt 1023 any eq https 
access-list dmz_access_in remark for ISA
access-list dmz_access_in extended permit tcp host 192.168.2.20 gt 1023 any eq www 
access-list dmz_access_in remark for ISA
access-list dmz_access_in extended permit tcp host 192.168.2.20 gt 1023 any eq https 


static (dmz,outside) 99.99.99.13 Email_Gateway netmask 255.255.255.255 
static (inside,outside) 99.99.99.32 Exch10 netmask 255.255.255.255 

Labels:
0 Helpful
1 Reply 1

Rishabh Seth
Level 7
Level 7

‎08-29-2015 11:20 AM

Hi,

 

Refer following doc for migration of hardware to ASA5500-x.

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/guide_c07-727453.html

 

Thanks,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card