Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
1
Helpful
13
Replies

Setting UP a SECOND ASA5506-x firewall

Myleslandish
Level 1
Level 1

‎04-18-2024 06:28 PM

Hello, I successfully set up/configured my first ASA device. I just purchased as second 5506 and am wondering about how compatible or incompatible the bkup configuration files I’ve saved from the first device are gonna be with the second ASA. It mentioned something about a master passphrase when making the bkup. It just started to say this and I’m sure it’s bc I changed a setting on the device and I’m just trying to figure out how to get it bk to a standard one without the master pass phrase being necessary to use it on a secondary device. 

Labels:
13 Replies 13

Georg Pauwen
VIP
VIP

‎04-18-2024 10:49 PM

Hello,

the master passphrase has nothing to do with the content of the backup file, it acts as a key to decrypt the backup file when it needs to be restored. I assume you used the command ' write memory encrypt' when you made the backup ?

0 Helpful

Myleslandish
Level 1
Level 1
In response to Georg Pauwen

‎04-19-2024 01:32 AM

At few weeks into it I got into a part with keys being given and or generated. So I just assumed it had something to do with that. Idk if I tried to reset bk to a config before I ever did those changes. 

0 Helpful

Myleslandish
Level 1
Level 1
In response to Georg Pauwen

‎04-19-2024 07:04 AM

I didn’t 

0 Helpful

MHM Cisco World
VIP
VIP

‎04-18-2024 11:51 PM

Both same platform and same ver.

If yes then backup config to tftp and then download it for second asa.

MHM

0 Helpful

Myleslandish
Level 1
Level 1
In response to MHM Cisco World

‎04-19-2024 07:05 AM

Same device 5506-x with firepower. But I don’t believe it goes beyond that in similarities. I just wish I could copy the first one to the second

0 Helpful

Aref Alsouqi
VIP
VIP

‎04-19-2024 02:44 AM

The master passphrase is used to encrypt the plain text passwords with a specific key you configure on the ASA. Did you try to use the command "show system:running-config" and see if you can see the password in an unencrypted format? also, why not to add this new firewall as a secondary device and form an HA pair?

0 Helpful

Myleslandish
Level 1
Level 1
In response to Aref Alsouqi

‎04-19-2024 03:23 AM

I haven’t been able to use cl

0 Helpful

Aref Alsouqi
VIP
VIP
In response to Myleslandish

‎04-19-2024 03:35 AM

Sorry if I missed this, but why you were not able to get access into CLI?

Check out this link please about how to configure high availability on the ASA firewalls:

Cisco ASA Active/Passive Failover Configuration Example (packetswitch.co.uk)

0 Helpful

Myleslandish
Level 1
Level 1
In response to Aref Alsouqi

‎04-19-2024 07:03 AM

I’ve noticed it seems to have a cl to use on the ASDM; and I’ve used a few from the selections but i haven’t been able to connect to it with the console or whatever. Would any and all commands work on the ASDM same as the standard cl?

0 Helpful

Aref Alsouqi
VIP
VIP
In response to Myleslandish

‎04-20-2024 04:55 AM

Yes, "ASDM > Tools > Command Line Interface" should give you the same output as if you are connected to the firewall CLI.

0 Helpful

Myleslandish
Level 1
Level 1
In response to Aref Alsouqi

‎04-22-2024 08:01 PM

Good to hear; thanku

0 Helpful

Myleslandish
Level 1
Level 1
In response to Aref Alsouqi

‎04-19-2024 03:24 AM

I have looked at the files in text format and that was how I was able to activate an identity certificate and something else

0 Helpful

Myleslandish
Level 1
Level 1
In response to Aref Alsouqi

‎04-19-2024 03:25 AM

HA pair is what? For real, I’m low on this totem ppl 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card