Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
375
Views
0
Helpful
3
Replies

MIgration configuration

Go to solution
clark white
Level 2
Level 2

‎11-28-2014 06:59 AM - edited ‎03-11-2019 10:09 PM

Experts,

I have used migration tool for FWSM configuration and successfully migrated the configuration and uploaded to the ASA module in a test environment , when i was verifying the configuration there many many access list were missing from my production configuration and  also many name commands were missing such as name commands  i have not verified all the configs but uptill now i have noticed these.

 

Also i have noticed that on switch we have to enter additional command as below which were not been used for FWSM-SM

Router(config)# firewall vlan-group 51 70-85
Router(config)# firewall module 8 vlan-group 50-51 ----the vlan Interfaces on ASA-SM were down till i enter this command
Router(config)# firewall multiple-vlan-interfaces-------I was not able to create the multiple interface on ASA-SM till i enter this command

Any suggestion please is it i am correct or wrong.

 

Thanks
 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎11-28-2014 07:50 PM

Hi,

I am not sure if the migration happened correctly or not as i think these commands will always be needed on the Switch on which the module will be inserted as this will tell the switch the forward the traffic to the module.

You can refer to the command reference for more infromation for FWSM:-

http://www.cisco.com/c/en/us/support/switches/catalyst-6500-series-switches/products-command-reference-list.html

Thanks and Regards,

Vibhor Amrodia

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎11-28-2014 07:50 PM

Hi,

I am not sure if the migration happened correctly or not as i think these commands will always be needed on the Switch on which the module will be inserted as this will tell the switch the forward the traffic to the module.

You can refer to the command reference for more infromation for FWSM:-

http://www.cisco.com/c/en/us/support/switches/catalyst-6500-series-switches/products-command-reference-list.html

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Go to solution
clark white
Level 2
Level 2
In response to Vibhor Amrodia

‎11-29-2014 08:16 PM

Dear,

the below statement is from migration guide.

"You cannot paste the migrated configuration directly at the CLI prompt on the ASA SM; you must copy the configuration over the network to the startup configuration and then reload the ASA SM so that it can perform additional migrations at startup. You cannot copy and paste the configuration because of the complexities of converting certain features, such as converting the FWSM NAT feature to the NAT feature on theASA SM, which uses Object NAT and Twice NAT."

I have already uploaded through the TFTP and after rebooting nat commnads has been changed and many more commands but  i saw many access list missing and name command missing, so now it is a huge job for me to match each and every access-list against the old config.So if i am planning to paste the access-list configuration ,, will there will a bad effect once the ASA-SM goes LIVE by pasting.

 

I think the copy paste option what cisco refused in migration guide was only for the first time when you are uploading, once you load the config we can copy past please correct me if i m wrong.

thanks

 

 

 

 

 

0 Helpful

Go to solution
clark white
Level 2
Level 2
In response to clark white

‎12-06-2014 08:58 AM

thanks for confirming,

I run the migration tool again and the configs were properly migrated.

thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card