[c-nsp] pix vs asa

Deric Kwok deric.kwok2000 at gmail.com
Thu Aug 5 21:43:59 EDT 2010


Hi

Thank you so much for reply.
AS A works fine but I have problem about vpn. I am using ciscoasdm to
configure it.

I get ipaddress in ippool after connection.

But I can not ping out eg: gw and any servers in the same pool network

Any example about vpn config too to let me check

Thank you again



On Thu, Aug 5, 2010 at 9:21 PM, P C <pc50000 at gmail.com> wrote:
> If your pix runs 7.0 or higher, the commands are virtuall identical for the
> same corresponding code of ASA.  In fact for a long time, the binaries were
> the same.
>
> If it's 6.3 on the pix, there's some changee.
>
> If this is for a migration, your best using the configuration migration tool
> found on CCO.
>
> On Thu, Aug 5, 2010 at 7:05 PM, Ryan West <rwest at zyedge.com> wrote:
>>
>> Deric,
>>
>> > -----Original Message-----
>> > From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
>> > bounces at puck.nether.net] On Behalf Of Deric Kwok
>> > Sent: Thursday, August 05, 2010 8:46 PM
>> > Subject: [c-nsp] pix vs asa
>> >
>> > Hi all
>> >
>> > Just wandering whether any different to configure vpn in pix and asa
>> >
>> > Any example
>> >
>>
>> There are plenty of examples on Cisco's site, a lot of the legacy PIX
>> commands still work and will translate into the newer ASA style.
>>
>> i.e. 'isakmp key <key> address x.x.x.x' will translate to:
>>
>> tunnel-group x.x.x.x type ipsec-l2l
>> tunnel-group x.x.x.x ipsec-attributes
>>  pre-shared-key <key>
>>
>> Remote access VPNs are configured using a combination of the tunnel-group,
>> group-policy and crypto map.  Site to site tunnels are pretty much the same.
>>
>> -ryan
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>



More information about the cisco-nsp mailing list