03-26-2021 04:20 PM
Hello Guys
I have ASA working with having CRC errors on LAN interface and Cisco TAC said move the port to another.
To assign the same IP to another available interface, I have to delete the config on current Interface which will also delete NAT or ACLs associated with interface.
what else should be deleted?
Whats the best way to do it?
I am planning to take fresh backup of running config and change the interface and readd the missing(deleted) config.
Thanks
Solved! Go to Solution.
03-27-2021 01:12 PM - edited 03-27-2021 01:13 PM
Yes, when you clear the configuration of an interface some configuration is removed. NAT is removed (if it references the interface) and the access-group command is removed, the ACL remains (certainly on 9.12 anyway). I expect the same if crypto is enabled on an interface, you'll have to re-enable that.
I'd recommending taking a backup of the configuration and expect to paste in the configuration for anything that referenced the interface you've reconfigured.
HTH
03-27-2021 02:12 PM
as suggested the interface-related configuration will be gone, so make the new configuration ready with a new interface, by taking the old backup config, replace with new interface, in the maintenance window, change the interface and apply the new interface-related config.
03-26-2021 07:30 PM
hi,
did you try to change the cable and switch port instead?
try to isolate on those first before moving L3 IP/config to another ASA port.
03-27-2021 03:26 AM
Maybe check with TAC, TAC meant to say move the port on the switch side?
i will try this before i change at the ASA side.
1. change the patch lead with a new one.
2. configure a new port on the switch and move the ASA connection to the new port and test it.
03-27-2021 12:59 PM
Hello Guys,
I already tried changing cable and worked with TAC and they said it can be bad bad interface on ASA.
they asked me trying changing interface to another.
My question was regarding the procedure of changing interface, like if I delete the current LAN interface config as it is needed to configure same IP on other interface, what else will need reconfigured like NAT, ACLs etc?
03-27-2021 02:12 PM
as suggested the interface-related configuration will be gone, so make the new configuration ready with a new interface, by taking the old backup config, replace with new interface, in the maintenance window, change the interface and apply the new interface-related config.
03-27-2021 01:12 PM - edited 03-27-2021 01:13 PM
Yes, when you clear the configuration of an interface some configuration is removed. NAT is removed (if it references the interface) and the access-group command is removed, the ACL remains (certainly on 9.12 anyway). I expect the same if crypto is enabled on an interface, you'll have to re-enable that.
I'd recommending taking a backup of the configuration and expect to paste in the configuration for anything that referenced the interface you've reconfigured.
HTH
04-19-2021 09:13 AM
Hello @Rob @balaji.bandi
I changed port successfully, Only issue I encounter was, I have to readd the radius server key.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide