Solved: Copy ASA 5510 Configuration to Another 5510

metuckness · ‎05-26-2017

Hi,

I have an ASA 5510 and I am not sure if it is having issues or not. In order to eliminate the unit itself, I want to duplicate the config in the active production ASA 5510 to another 5510 and then replace the unit. This will confirm if it is or isn't the ASA that is the issue.

What is the best way to do this?

Thanks!

Francesco Molino · ‎05-26-2017

Hi

If you don't have any certificates, the best way and simplest way will be to export the running config and import it on the new one in the startup config. Then reboot the asa.

If you have certificates and specific configs for anyconnect,... And if you want to copy everything from old unit (anyconnect packages, certificates,...) Go though asdm, do a backup and restore it on the other unit through asdm as well

Don't forget to rehost your licenses and install them to the new unit.

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Francesco Molino · ‎05-26-2017

Hi

If you don't have any certificates, the best way and simplest way will be to export the running config and import it on the new one in the startup config. Then reboot the asa.

If you have certificates and specific configs for anyconnect,... And if you want to copy everything from old unit (anyconnect packages, certificates,...) Go though asdm, do a backup and restore it on the other unit through asdm as well

Don't forget to rehost your licenses and install them to the new unit.

Thanks

PS: Please don't forget to rate and mark as correct answer if this answered your question

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

metuckness · ‎05-27-2017

I don't have any certificates, but is there a process to export? When I get in the unit and checkout export, it just talks about exporting the anyconnect config, not the units entire config.

Also, how do I get into the ASDM? It's been a while and the java link I had on my desktop isn't working and when I go the the IP in a browser it doesn't load anything. I hardly ever use it so kinda inexperienced in it.

___________________________________

ASA5510# export ?

webvpn Export webvpn related data

___________________________________

Thanks!

metuckness · ‎05-27-2017

Oh and version info:

ASA5510# sh ver

Cisco Adaptive Security Appliance Software Version 9.1(6)
Device Manager Version 7.6(2)

Compiled on Fri 27-Feb-15 13:50 by builders
System image file is "disk0:/asa916-k8.bin"
Config file at boot was "startup-config"

ASA5510 up 12 hours 5 mins

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz,
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x0)
                             Boot microcode        : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode     : CNLite-MC-SSLm-PLUS-2_05
                             IPSec microcode       : CNlite-MC-IPSECm-MAIN-2.09
                             Number of accelerators: 1

0: Ext: Ethernet0/0         : address is , irq 9
1: Ext: Ethernet0/1         : address is , irq 9
2: Ext: Ethernet0/2         : address is irq 9
3: Ext: Ethernet0/3         : address is , irq 9
4: Ext: Management0/0       : address is , irq 11
5: Int: Not used            : irq 11
6: Int: Not used            : irq 5

Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                     : 50             perpetual
Inside Hosts                      : Unlimited      perpetual
Failover                          : Disabled       perpetual
Encryption-DES                    : Enabled        perpetual
Encryption-3DES-AES               : Enabled        perpetual
Security Contexts                 : 0              perpetual
GTP/GPRS                          : Disabled       perpetual
AnyConnect Premium Peers          : 2              perpetual
AnyConnect Essentials             : Disabled       perpetual
Other VPN Peers                   : 250            perpetual
Total VPN Peers                   : 250            perpetual
Shared License                    : Disabled       perpetual
AnyConnect for Mobile             : Disabled       perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions           : 2              perpetual
Total UC Proxy Sessions           : 2              perpetual
Botnet Traffic Filter             : Disabled       perpetual
Intercompany Media Engine         : Disabled       perpetual
Cluster                           : Disabled       perpetual

This platform has a Base license.

Serial Number: REMOVED
Running Permanent Activation Key:

metuckness · ‎05-27-2017

I figured out access to the ASDM, apparently at some point I had disabled the web interface :)

metuckness · ‎05-27-2017

I used the ASDM export feature on the existing ASA5510. Then I hooked up the other one, reset it to factory defaults, gave the admin interface an IP and enabled the http interface and used the restore feature of the ASDM to restore and it worked flawlessly.

Francesco Molino · ‎05-27-2017

Cool you get it.

Sorry I missed your previous messages.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question