Solved

ASA 5505 Restore to Duplicate Unit.

Posted on 2013-06-13
1
676 Views
Last Modified: 2013-06-13
I have a Cisco ASA 5505 with Security Plus license configured for WAN, LAN and DMZ, which has been working great for several years. I just purchased a new ASA 5505 with SP on Ebay (Yes, I know I probably should have purchased it through a Cisco partner) as strictly a backup unit to swap out if the original dies or if I need to bring it down for upgrades or repairs. However I cannot get the backup to work.

This is what I have done in an attempt to duplicate the new ASA 5505 device as a backup:

Using the console, I saved the running config from my working 5505 to my tftp server, and then copied the running config from my tftp server to my new 5505 as startup config. After issuing the reload command, the unit booted up properly with a running config identical to my working 5505. However if I swap out the devices, I cannot get to the WAN or DMZ through the backup device.

Both units are running ASA 8.2(1) with ASDM 6.2(1).  The units are identical except for the fact that the working unit has 1GB of RAM and the backup has 256MB. I printed out the running config from both units and compared them line by line, and they are also identical except the backup unit has 1 added line: anyconnect-essentials.

I am not an ASA expert by any means, and am wondering if I missed something, or should it work based on the steps I took?

Steve
0
Comment
Question by:CALAOMS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
CALAOMS earned 0 total points
ID: 39246598
Turns out it was the ARP table in the modem/router. After rebooting the modem, everything works as it should.  I have to give jcarvaja over at the Cisco firwall forum credit for this fix as he pointed me in this direction.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SonicWall Max Connection Setting 7 85
Static Route on Cisco ISR 4431's 4 58
ASA NAT rule change 3 86
port forwarding 2 70
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question