Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Change multiple addresses on an ASA 5510

Status
Not open for further replies.

brk1221

MIS
Jan 29, 2002
230
US
Hi, we are changing our internet circuit and will have a new block of addresses. In our ASA 5510, what is the easiest way to change all these access list-addresses to the new ones? I make changes from time to time but I'm far from proficient in cisco cli. Any help would be appreciated
 
1. Copy the access-list lines to an editor twice. In the 1st copy replace the IP addresses as you need AND RENAME the access list. Prepend all the ACL lines in the second copy of with "no".
2. Go to the ASA. Enter the configuration mode (config t). Paste in the new ACL with the new IPs.
3. Locate the line that reads "access-group <old ACL name> ..." and enter the same line with THE NEW ACL name.
4. Paste in all lines with the "no" from the step 1. This will remove the debris.
5. OPTIONAL: enter this command:
access-list <new-name> rename <old> name

test and save.
 
Thanks for the reply. Does the same apply for static routes? Such as:

static (inside,outside) tcp public address port private address port netmask 255.255.255.255


Thanks
 
In short, not quite and these are not routes.
1. issue "no static (inside,outside) ...." for each line
2. enter the new ones.
3.
clear xlate
clear local-host
 
Thanks - is it possible to copy the entire config to notepad, make address changes and then copy it back overwriting original?

 
1. get the config to your PC/server. It will save it as "config-2-edit"
Code:
copy running-config tftp://<IP-of-tftp-server>/config-2-edit
2. save locally (on the flash) just in case, do not skip this.
Code:
copy startup-config startup-saved
3. edit it on your PC and place it back to the same directory where you found it.
4. overwrite the startup-conig with the one you edited
Code:
copy tftp://<IP-of-tftp-server>/config-2-edit> startup-config
5. reboot the ASA
Code:
reload

If things go wrong (you mess up the config):
Code:
copy startup-saved startup-config
reload
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top