The important thing to note about PIX and ASA configurations are that they are different. In other words, to do one thing on a PIX requires a different command on an ASA. The ASA uses a more “IOS-like” configuration where the PIX has its own “PIX-OS” configuration. Here are just some of the differences between the two:
- The ASA is different hardware and has different interface names.
- The ASA uses sub-interface commands, like the Cisco IOS.
- A PIX will use FIXUP commands for application inspection whereas the ASA will use policy maps.
- On the PIX,outbound and conduit commands are used versus access lists on the ASA.
There are two ways to perform this conversion — manually or by using the automatic migration tool. You may want to perform the conversion manually if you want more granular control, but Cisco offers a PIX to ASA Migration Tool that can perform this automatically. Let’s look at how it works.
Read the full article at: Converting from old to new with the PIX to ASA Migration Tool