Ipsec_Gen

Script pyhton to migrate ipsec ikev1/ikev2 configuration from Cisco IOS Router to Cisco ASA firewall.

1/ipsec-collect.py

This script allows you to collect ipsec ikev1/ikev2 configurations from Cisco Router (IOS) Prerequisites

Cisco router ios (tested on ios 15.4) 
Python 3.x

Instructions

Clone this repository to your workstation.

Copy the output of the command: more system:running-config to the config.txt file in /input folder.

Run the ipsecollect.py script. this programme will generate two output files in /output folder: config_VPN.csv and config_ike.csv.

config_VPN.csv: contains vpn configuration extracted from the running-config such as: peer ip, secondary peer, psk, phase 2 proposal, encryption domain..
config_ike.csv: contains all isakmp/phase1 policy with no redundance if policy already collected

2/ipsecgen.py

This script allows you to generated ipsec ikev1/ikev2 configurations for Cisco ASA from two files generated by the first script ipsecollect.py Prerequisites

Cisco ASA 8.4 (or newer tested in ASA 9.4)
Python 3.x

Instructions

Check that csv files generated by the first script already exists in /output directory, or you can fill out the config_VPN.csv and config_ike.csv files with your vpn information.

Run the ipsecgen.py script which generates the vpn configuration in the output/ASA_config.txt file.

About

Script to migrate ipsec configuration ikev1/ikev2 from Cisco IOS router to Cisco ASA firewall and format ipsec information in csv file

vpn ipsec asa cisco router migration

Languages

Language:Python 100.0%