Cisco Cisco ASA 5580 Adaptive Security Appliance 설치 가이드
4
Migrating from the Cisco ASA 5500 to the Cisco Adaptive Security Virtual Appliance
Modifying a Cisco ASA 5500 Configuration to an ASAv Configuration
c.
Remove the Advanced Inspection and Prevention Security
Services Module configuration (if one is installed).
Services Module configuration (if one is installed).
See the “Configuring the ASA IPS Module” chapter in
the Firewall CLI Configuration Guide.
the Firewall CLI Configuration Guide.
d.
Remove the CX module configuration (if one is installed). See the “Configuring the ASA CX Module” chapter in
the Firewall CLI Configuration Guide.
e.
Remove the following unsupported features:
•
Multiple context mode
•
Clustering—Remove the cluster-pool and mgmt-pool
keywords and arguments from the ip address
command.
keywords and arguments from the ip address
command.
•
See the “Configuring Multiple Context Mode” chapter
in the General Operations CLI Configuration Guide.
in the General Operations CLI Configuration Guide.
See the “Configuring Failover” chapter in the General
Operations CLI Configuration Guide.
Operations CLI Configuration Guide.
5.
Deploy the ASAv. To enable ASDM connectivity, you need
to set appropriate properties, including the mapping of
interfaces, in the OVF template.
to set appropriate properties, including the mapping of
interfaces, in the OVF template.
Install the ASAv onto a VM using the VMware vSphere
client.
client.
See the “Deploying the Cisco Adaptive Security Virtual
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
6.
Connect to the ASAv and configure SSH or Telnet for basic
connectivity.
connectivity.
From the CLI, use the telnet, ssh, or http command.
In ASDM, choose Configuration > Device Management
> Management Access > ASDM/HTTPS/Telnet/SSH.
> Management Access > ASDM/HTTPS/Telnet/SSH.
See the “Deploying the Cisco Adaptive Security Virtual
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
7.
Find your ASAv serial number, then you can obtain a new
license that is required to run the ASAv in standard mode.
license that is required to run the ASAv in standard mode.
From the CLI, enter the show version or show inventory
command.
command.
In ASDM, choose Help > About the Cisco ASA.
You must also request additional feature licenses that
match to what is configured on your ASA hardware.
match to what is configured on your ASA hardware.
See the “Deploying the Cisco Adaptive Security Virtual
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
Appliance” chapter in the Cisco Adaptive Security
Virtual Appliance (ASAv) Quick Start Guide.
8.
Import the VPN-specific files that you obtained from
performing Step
performing Step
If you obtained an ASDM backup zip
file, you can then restore it onto the ASAv.
In ASDM, choose Tools > Restore Configurations.
Note
If you issue the anyconnect-essentials command
or the no anyconnect-essentials command, the
following message appears:
or the no anyconnect-essentials command, the
following message appears:
“ERROR: Command required AnyConnect Essentials
license”
See the “Clientless SSL VPN Overview” chapter in the
VPN CLI Configuration Guide.
VPN CLI Configuration Guide.
See the “Configuring AnyConnect VPN Client
Connections” chapter in the VPN CLI Configuration
Guide.
Connections” chapter in the VPN CLI Configuration
Guide.
See the “Installing and Enabling CSD” chapter in the
Cisco Secure Desktop Configuration Guide for Cisco
ASA 5500 Series Administrators.
Cisco Secure Desktop Configuration Guide for Cisco
ASA 5500 Series Administrators.
Step
Task Description
Reference