Jens Brey wrote:
> does anyone knews a way, to move the configuration from a Cisco ASA 5510
> to 5520 without the need to set all passwords new?
> I think the problem is the device internal salts which are used to crypt
> all the passwords/pre-shared-keys.
> Is there any possibilty to extract this salts and set them on the other
> device?

I'm not aware of this limitation. I have a basic template that I use
for setting up new firewalls which includes my standard enable password
and local users. The passwords are encrypted and they have always
worked when I moved them from one device to another or my template to a
new device.

You should try moving the passwords over to the new box (cut n' paste)
and see if they still work. Then the rest of the config should be easy.

-Josh
--
Josh Ward
Network Security Engineer - University of Oregon - Network Services
P. 541.346.1651 F. 541.346.4397
U of O Security Hotline: 541.346.5837
PGP Fingerprint: CFB6 62C0 370B AD6D BA33 6034 8FFB 4A49 297F 6A4C
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards