Transfer Configuration from ASA 5505

I have a vexing problem.

My client is upgrading from a Cisco ASA 5505 to an ASA 5510 Security Plus unit. We don't want to type all of the commands over again so we backed up the running config from the 5505 using TFTP and Hyperterminal. Here's where the problem starts.
Upon copying the config to the 5510, a number of error messages occur. The 5510 unit featues a management port along with a different setup on the eth 0/x ports. The 5505 is running version 7.2(3). The 5510 is running version 7.0(7).
Should'nt this be a simple transfer of configuraitons?  If not, why not?
What must be done as far as transferring the configuration.
Thanks in advance!
terrytusviAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
The only difference is the interface numbering

5505 has something like this
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 180.10.1.253 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address xxx.xxx.x09.99 255.255.255.0
!
interface Vlan3
 nameif DMZ
 security-level 50
 ip address 10.10.10.254 255.255.255.0
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
 switchport access vlan 3
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
 switchport access vlan 3
!

Replace that section only with appropriate 5510 config:

!
interface Ethernet0
 speed 100
 duplex full
 nameif outside
 security-level 0
 ip address xxx.xxx.x09.99 255.255.2550
!
interface Ethernet1
 speed 100
 duplex full
 nameif inside
 security-level 100
 ip address 192.168.99.1 255.255.255.0
!
interface Ethernet2
 speed 100
 duplex full
 nameif DMZ
 security-level 50
 ip address 192.168.100.1 255.255.255.0  
!
0
clearacidCommented:
The ASA 5505 is a small soho firewall - basically it's a switch doing intervlan routing......  That's the way I see it....

The ASA5510 is more of a small business / medium business gateway firewall - their interfaces are different.

The ASA5505 you name interfaces vlans....  The ASA5510 you name interfaces by interface number

Make sense?  

So if you have a NAT tied to lets say interface vlan 1 on the ASA - and your outside interface is eth0 on the ASA5510 - you need to rename vlan 1 to eth0.

I would dump the config in a text file and just do a find / replace for interface vlan X with the interface you want to nameif on the 5510.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.