Easiest way to wipe current config and update

[dmking43]

I am chaning to a new ISP, I need to make several changes to my PIX 515e Version 6.3(1). I am not sure of the easites way to make a backup, wipe the existing config and make the new one. I read about many problems with cut and paste. Is there a perferred way to do this? If probblems arise with the cut over, I need to easily go back to the old config. Any hwlp would be appreciated

Thanks Dave

 

[Lou0686]

Hi,

Backup the config to a TFTP server. This will give you a copy of the config. Cisco used to provide a TFTP server that you could run on any PC, not sure if they still provide it.

If you do a wr erase it will bring your PIX to factory defauts.

Have a copy of the VPN license key handy if your using it because the vpn license won't come back when you copy your config back. I hope this was helpful.

Lou

 

[dmking43]

Thanks, I will give it a try

 

[dozier]

Lou0686,

Could you provide the syntax for doing this? I'm having some trouble locating it. Thanks.

 

[AJ1982]

write erase

===

Fatman Superstar (Andrew James)

CCNA, CCAI

 

[Lou0686]

Hi,

Which syntax do you need?

You can backup the config from PDM if your using it.

To copy the config back the syntax is:

configure net <TFTP Server IP Address> /<image_file_Name>

Of course you have to be in "Config T" mode when you do it.

Lou

 

[dozier]

Ah, I see.

Now, if you do the 'config net...' command to upload the config back to the PIX it may not work entirely like I want, isn't that right? It does a merge with the running-config, not an overwrite, correct?

 

[Lou0686]

HI,

No. It overwrites it.

Once you do the erase it will set the PIX back to factory default. You will then need to run through the basic setup. You add any info you want (IP Address, host name) it doesn't matter what you supply during the setup because the upload of the config will overwrite it. The purpose of running the setup is so that you can get to the point where you can apply the license.

Lou

 

[dozier]

If when you reapply the config from the network it overwrites your current config completey what's the point of manually wiping it first and having to go through all those steps?

 

[Lou0686]

First off, that is what the original request was about.

Second, this is usually done when you are replacing the hardware and you want to copy the config over from the existing to the new without having to reinvent the wheel.

Lou

 

[chicocouk]

In actual fact configure net doesn't wipe the config, it does merge it. From the cisco documentation for the configure command;

"Configure from the terminal, Flash memory, the network, or factory default. The new configuration merges with the active configuration except for the factory default, in which case the active configuration is cleared first and then replaced by the factory default. The factory default option is available only on the PIX 501 and PIX 506/506E."

When they say configure default, this is a command that only runs on a 501 or 506e, and has syntax

configure factory-default [inside_ip_address [address_mask]]

All this info is available here;

http://www.cisco.com/en/US/products...erence_chapter09186a00801727a6.html#wp1055799

CCNA, MCSE, Cisco Firewall specialist, VPN specialist, wannabe CCSP

 

[bubarooni]

Lou 0868,

Is the VPN license key the same as the Running Activation Key in the Show Ver command output?

Thanks,
Bubarooni

 

[Lou0686]

I am not in front of one but yes I believe it is.

Lou