Does anyone know of a tool that can convert a pre-8.3 ASA configuration (access-lists and NATs in particular) to a post-8.3 format?
The ACLs in the newer code reference the private IPs. This would save me a ton of time so I may end up writing a script myself to do this.
I have found this http://www.tunnelsup.com/nat-converter but probably you have to check the output, im not sure how eficient will be but maybe helps a little bit.
I actually saw that same tool but the results haven't been great. It converts the NATs to the new post-8.3 format just fine. But the problem is that it doesn't convert the ACLs at all. Since the ACLs in 8.2 reference the pre-NAT IPs, none of the automagic NAT rule < > Security rule mapping takes place and zones are all mixed up.
I think a script that converts both the NATs and the ACLs to post-8.3 would be a gold mine.
Here is what you can try, if you have GNS tool.
You can upload 8.2 on GNS ASA.
Upgrade to 8.3+ and check if NAT has been migrated.
Cisco has a tool here: https://fwm.cisco.com/auth.do
I'm not sure if it's available to non-partners but it does exactly what youre asking about and a great job at that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!