Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
3
Replies

need to convert pix 501 config to asa5505

JMCNEL
Level 4
Level 4

‎12-17-2013 06:48 AM - edited ‎03-11-2019 08:19 PM

           I have to convert our pix 501 config to asa5505 - i used the cisco convert tool but got stuck on a few rules that did not convert. Any help would be appreciated.

partial config ..

ip address outside 172.100.1.1 255.255.255.0

ip address inside 10.2.0.3 255.255.0.0

global (outside) 2 interface

global (inside) 1 10.2.3.3

nat (outside) 1 172.100.1.0 255.255.255.0 outside 0 0

static (inside,outside) 10.32.0.5 10.32.0.5 netmask 255.255.255.255 0 0

static (inside,outside) 192.168.0.6 192.168.0.6 netmask 255.255.255.255 0 0

static (inside,outside) 10.20.1.143 10.20.1.143 netmask 255.255.255.255 0 0

the config tool created this

interface VLAN1

ip address 172.32.1.1 255.255.255.0

nameif outside

security-level 0

no shutdown

 

 

interface VLAN2

ip address 10.3.0.3 255.255.0.0

nameif inside

security-level 100

no shutdown

      

interface Ethernet0/0

switchport access vlan 2

switchport mode access

interface Ethernet0/1

switchport access vlan 1

switchport mode access

Labels:
0 Helpful
3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

‎12-17-2013 09:33 AM

Hello Johannanel,

Yeah It did not work hehe. Let me try to do it for you

ip address outside 172.100.1.1 255.255.255.0

ip address inside 10.2.0.3 255.255.0.0

Interface vlan 2

nameif outside

ip add 172.100.1.1 255.255.255.0

no shut

exit

interface vlan 1

nameif inside

ip add 10.2.0.3 255.255.255.0

no shut

exit

interface ethernet 0/0

switchport mode access

switchport access vlan 2

no shut

nat (inside) 2 0 0

global (outside) 2 interface

static (inside,outside) 10.32.0.5 10.32.0.5 netmask 255.255.255.255 0 0

static (inside,outside) 192.168.0.6 192.168.0.6 netmask 255.255.255.255 0 0

static (inside,outside) 10.20.1.143 10.20.1.143 netmask 255.255.255.255 0 0

nat (outside) 1 172.100.1.0 255.255.255.0 outside 0 0

global (inside) 1 10.2.3.3

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

JMCNEL
Level 4
Level 4
In response to Julio Carvajal

‎12-17-2013 10:27 AM

Thanks for your response but

My asa is on 8.4(7) and the nat commands and ip address commands does not work

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to JMCNEL

‎12-17-2013 10:28 AM

Hello,

You missed that part bud.

I will get back when I have time

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card