tftp a pix 515E config?

Are there any known issues with using tftp to make an exact clone of two PIX

515E firewalls?

I'm getting ready to upgrade to 7.0 but first want to clone my production

515E to my test 515E. Both are on 6.3.4 but the production machine has 32MB of RAM while the test machine has 64MB of RAM. Using tftp I have saved the config to the tftp server. On my test 515E configured the same hostname and domain-name but different IP address.

In our configs we have multiple PIX-to-PIX VPN's with shared keys. Are the passphrases in the tftp file? Will they be copied back to the test 515E using tftp? Did I need to setup in advance the hostname and domain-name and generate a new rsa key or was this unnecessary because the config will have this info?

Many thanks for reading this and your advice.


Reply to
you know who maybe
Loading thread data ...

OK, answered that one by looking in the file! I'm just worried when I switch

515E's I'll miss something....
Reply to
you know who maybe

While I'm talking to myself I might as well end the conversation:

This worked for me:

write erase 515E "test" firewall Use "Pre-configure" interactive prompts to set IP address for inside interface write mem and reload Use configure net command to pull config from tftp server. Configure net (Error message: keypair will be invalid) write mem ca zeroize rsa ca generate rsa key 1024 Show ca mypubkey rsa ca save all wr mem reload

Looks good!

Reply to
you know who maybe Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.