Cannot locate Cisco ASA 5520 Product Part Number

If you must purchase the older product, there are numerous models on eBay  (Google Cisco ASA 5520 on eBay) . Find one there, check out vendor, and purchase.

Information regarding 5520 EOL devices and recommended replacement part can be found on a page
End-of-Sale and End-of-Life Announcement for the Cisco ASA 5520 Adaptive Security Appliance

show version and show inventory commands can show you exact model and serial number of your device.

Moving configuration from 5520 to 5525 may require manual correction since you are moving configuration from one device to other and ASA OS version may be different.

If you're going to migrate the configuration, I'd recommend doing the following:

1. First off, don't buy it off of eBay.  Spend the extra money and buy from a reputable source.  I use Curvature.  All of their products come with a LIFETIME warranty and they will provide support.  If you'd like, PM me and I can give you the email of my sales rep.
2. Check the memory on your 5520.  If you've got 1GB of RAM, upgrade to 2GB of RAM.  The part you need is =ASA5520-MEM-2GB.
3. The 5520 to 5525X is not a huge upgrade - they use the same ASA images, but it will be a different version (most likely) than yours.  Grab the ASA and ASDM images off of the 5525X and copy them to your 5520.
4. When you boot the 5520 to the new image, it will upgrade your config to the new IOS image version.  So, if you're running 8.x and you install 9.x, it will automagically change your NAT statements, objects, ACLs, etc.
5. Use the ASDM to backup your config on both devices.
6. Use the ASDM to restore the config from the 5520 to the 5525X.
7. Test
8. If it doesn't work, restore the original config of the 5525X using the ASDM.
9. Do the migration manually

Going from the ASA 55xx to the ASA 55xx-X will generally work because they use the same basic ASA images.  The new NGFW ASA 55xx-X firewalls also use those same images as their base, but they add the FirePOWER stuff to it.  So, I don't know if this type of thing will work.

I'll know soon... I'm migrating off of a couple of 5540's onto 5545X with FirePOWER in the next month.  LOL

I WOULD NOT use the ASDM to restore things, to the new firewall. AN ASDM firewall backup contains a LOT more than simply the config backups.

That being said If you can upgrade it (the old one) things will be much simpler I keep a 5505/5510/5520 spare for just this reason.

Dont forget if you use AnyConnect then you will need to purchase new licences for the new firewall. Don't panic too much about the FirePOWER stuff you don't even have to turn that on until after you have migrated everything.

>>The 5520 to 5525X is not a huge upgrade - they use the same ASA images

Sorry Chaps this IS NOT TRUE don't try and load an ASA5500 image on an 5500-X Firewall, please! (NGFW images have 'smp' in their name, apart from the baby ones which have lfbff).

If you have a purchased 3rd party certificate you will need to migrate that also. (its an easy task, I've got all that documented)

Pete

The ASDM backup/restore includes the certificates, RADIUS keys, RSA keypairs for SSH, enable secrets - it's a bare-metal recovery and works fine.

Regarding the comment on the upgrade from 5520 to 5525-X, you're absolutely right, Pete; I got my wires crossed on that one.

>>The ASDM backup/restore includes the certificates, RADIUS keys, RSA keypairs for SSH, enable secrets - it's a bare-metal recovery and works fine.

It also (unless you remove them, includes the  operating systems, Java Plugins for the old Anyconnect, the OLD AnyConnect clients and connection profiles, junk like SDM software thats no longer required.

It also repoints the boot variables, the firewall is intelligent enough to get past this without breaking, it just takes twice as long to boot.

Maybe Im just averse to the ASDM, Ive always done this manually :)