Firewall Wizards mailing list archives

Re: Move configuration from 5510 to 5520

From: Josh Ward <jward () network-services uoregon edu>
Date: Thu, 19 Jun 2008 09:13:55 -0700

Jens Brey wrote:

does anyone knews a way, to move the configuration from a Cisco ASA 5510
to 5520 without the need to set all passwords new?
I think the problem is the device internal salts which are used to crypt
all the passwords/pre-shared-keys.
Is there any possibilty to extract this salts and set them on the other
device?


I'm not aware of this limitation.  I have a basic template that I use
for setting up new firewalls which includes my standard enable password
and local users.  The passwords are encrypted and they have always
worked when I moved them from one device to another or my template to a
new device.

You should try moving the passwords over to the new box (cut n' paste)
and see if they still work.  Then the rest of the config should be easy.

-Josh
--
Josh Ward <jward () network-services uoregon edu>
Network Security Engineer - University of Oregon - Network Services
P. 541.346.1651  F. 541.346.4397
U of O Security Hotline: 541.346.5837
PGP Fingerprint: CFB6 62C0 370B AD6D BA33 6034 8FFB 4A49 297F 6A4C
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Move configuration from 5510 to 5520 Jens Brey (Jun 19)
- Re: Move configuration from 5510 to 5520 Farrukh Haroon (Jun 19)
- Re: Move configuration from 5510 to 5520 Josh Ward (Jun 19)
- <Possible follow-ups>
- Re: Move configuration from 5510 to 5520 vbwilliams (Jun 19)
  - Re: Move configuration from 5510 to 5520 Jens Brey (Jun 25)