06-14-2018 02:47 PM - edited 02-21-2020 07:53 AM
Hi,
I am in the process of upgrading from an old ASA 5505 running ASA 7.2 to a new ASA 5515-X currently running ASA 9.1 (I will be upgrading). It has a fairly simple setup - It's in routed mode, single context. There is no NAT rules setup according to ASDM on the 5505.
Just two interfaces;
eth0 outside = 2.2.2.2 (WAN IP - masked for security)
eth1 inside = 3.3.3.0/255.255.255.128
There are are around 20 IP's on the 3.3.3.0 range, within the inside interface, which are all accessible on the public Internet.
By default all inbound and outbound traffic is set to deny. There are several TCP/UDP and host based rules to allow traffic to specific hosts and services. Some IP restrictions (for example RDP is only allowed by certain source IP's)
On the existing system there is a single static route from the 3.3.3.0 to an IP address on the 2.2.2.0 range thar was supplied by the datacentre.
My questions are;
1) If I import the configuration from the 5505 from the old ASA version to the new 5515-X with the newer ASA version, what do you think would happen? I am guessing I may need to fix some mappings of the interfaces. I am guessing most configuration should copy over fairly easily.
2) Should I be using Dynamic PAT? The change in NAT setup is a little alien to me.
Thank you.
Solved! Go to Solution.
06-15-2018 01:13 PM
06-14-2018 02:58 PM
Hi,
There have been some considerable changes between code versions 7.x and 9.x, in version 8.3 (i think), in particular access lists and nat commands changed. This link might provide some further information.
You might be best writing the new configuration from scratch, rather than importing.
HTH
06-15-2018 01:13 PM
06-18-2018 03:00 AM
Thanks - Yep I ended up doing it all manually and the firewall is in the DC up and running great, Friday afternoon :)
06-18-2018 04:38 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide