PIX Rollout

In article , jed wrote: :I need to rollout 10 PIX 501. I was told that I would be able to image :all the boxes, change a few things on each one and it would save me :time in the deployment.

That is not possible with the PIX series in the same sense that one would "Ghost" a Windows PC.

:Can anyone point me to some resources that :would help. I have read about how to upgrade the PIX OS. Do I use the :same process or do I have to manually configure every box?

I would suggest that you start by ensuring that the software version is the same on each of them. Once that is done, configure one of them the way you want, perhaps by using PDM. Then when you are satisfied that it is working, use either PDM or the "write net" configure-mode command to save a copy of the configuration to a text file on the tftp server. Make one copy of that file for each of the machines, and tweak the contents appropriately (e.g., change the IP addresses and make the appropriate changes to the access-lists.) Once you have the editted configurations, use PDM or the "configure net" configure-mode command to load in the appropriate text file into each of the devices.

On the other hand, if the configuration you will be using will not be complex, you might find it easier to just use PDM to configure each of them individually.

- Use the 'tftp-server' command to configure access to a tftp server on the network

- Use the 'write net' command to copy a completed config to the tftp server

- Use the 'configure net' command to copy the config to the new pix.

PDM is nice, but using the command line just gets the job done easier sometimes.