This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Old Cisco ASA migration to UTM 230

All,

Just looking for some feedback, advice or suggestions. We are migrating from a Cisco 5550 to a UTM 230. I would rather not light switch the turnover but do a step by step process. Recreated rules/objects that we think are needed moving forward. We have a lot of remote users using VPN which makes it more difficult to light switch. Was thinking of setting both firewalls up with different external and internal IPs. Everything internal will go through our core router and I didn't want to reconfigure internal subnets. I think issues would come down to internal routes. Say move the DMZ over but would need to put in static routes to go through the UTM.

Anyone else done a migration like this and what things did you learn? We have some hours for pro support but they can only assist to a certain level.

Thanks!

This thread was automatically locked due to age.

0 BAlfson over 9 years ago

I would use the pro support for the overall system design and initial installation. Although your Cisco knowledge and experience will make administering the UTM very easy for you, it will be a hindrance in the design and initial setup phase.

I've done it both ways. It just comes down to the complexity of your current configuration. Moving the VPN users could be easy depending on whether you have a separate FQDN for remote access. Your situation sounds moderately complex so I like the idea of moving the DMZ over and adding routes to the 5550 until you're ready to turn it off and put its LAN address on the 230.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel