Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New config for Pix525 and Failover unit 1

Status
Not open for further replies.
yowza

yowza

Technical User
Nov 28, 2001
121
US
I need to replace my entire configuration on our pix 525 and failover pix and have 3 questions.

1. I connect my laptop to the console port and use Hyperterminal to configure the pix. I have the config in a Notepad file and just cut and paste to make changes. When I paste, it is EXTREMELY slow. I really think I can type faster than what is being pasted. Is there any way to speed this up? The settings I use for the Hyperterminal session is: bps=9600, data bits=8, parity = 1, stop bits =1, flow control = none. I have played with the flow control, but it does not make any difference.

2. If I do a write erase on the primary pix, will it also erase the failover unit?

3. To replace my entire configuration, I am assuming that the answer to my second question is No and here is what I think I need to do. I would appreciate any help on this.

Remove failover cable from the failover unit.
Using the console port & hyperterminal, do a write erase.
Power down the failover unit and reconnect failover cable.
On the primary unit do:

write erase
reload
config term
Paste new configuration in
write mem
Power up failover unit

Will this work?
Thanks,
yowza
 
Sort by date Sort by votes
Pasting a bunch of text over your serial port will always be slow. If you want it fast, do it over telnet or ssh.

After you do a write erase on the active pix, you need to write standby.
 
Upvote 0 Downvote
I agree, to overcome the slow console connection, just set the inside interface to accept a telnet connection, this will speed things up significantly.

Secondly, by doing a erase on the primary, it'll definitely affect the failover unit. The primary PIX is where all the changes to the configuration should take place. So, if you erase the config on the primary the failover will no longer function(well at least not properly).

Third, do the steps you've outlined. This will allow you to make changes to the primary PIX. There will be some down time involved (minimal as it seems, but it should be planned for). You'll have to be careful when you configure the INSIDE interface with an IP address (this is the downtime I was mentioning).


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
800
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
658
Johnkite
Johnkite
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
591
XLNTech1
XLNTech1
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
585
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
495
Nitta84
Nitta84

Part and Inventory Search

Sponsor

Back
Top