05-28-2008 11:38 AM - edited 03-11-2019 05:51 AM
I'm migrating from a PIX 525 to an ASA 5520 failover pair. Both firewalls are at 7.0.7 code. At cutover time, configuration commands were copied from PIX to ASA with adjustments made to interface names, as well as speed/duplex of interfaces to keep all aspects the same. All switch port interfaces remained the same. Internet access with the PIX inline works fine; DNS resolves names properly. When the ASAs are brought inline, Internet access fails. ARP caches were cleared on the ASAs and Ethernet switches. Are there any known conversion commands and/or debug commands that can be used to isolate the problem with the ASAs being inline versus the PIXes being inline?
05-29-2008 11:02 AM
By inline, do you just mean live?
How much time do you give the ASAs before you take them back offline?
Did you configure all of the proper failover commands on the new ASAs?
Have you cleared the ARP caches (or given them time to clear) on all other directly connected network devices?
05-29-2008 11:35 AM
Srue,
Did you pass the Security lab? Share the good news, my friend?