ASA in transparent mode with LAN base active failover / standby?

Is it possible to have a pair of the SAA in transparent mode with LAN-based failover active / standby? I configured the portion of failover and then configured the transparent mode and it erased my failover configuration. Is this supported configuration, and if so are there at - it an example?

Thanks in advance

Yes. It is possible to have a pair of ASA in transparent mode with LAN-based failover active/Standy. You must perform the configuration of failover after conversion of the appliance in transparent mode.

I saw an example on the cisco site, but I'll give you an example of one of the projects I run. Infact its very easy to configure failover in transparent mode. Less work.

I have listed the configs on both the firewall for your reference

Main firewall

============

interface GigabitEthernet0/0

nameif outside

security-level 0

No tap

!

interface GigabitEthernet0/1

nameif inside

security-level 100

No tap

!

interface GigabitEthernet0/2

Shutdown

No nameif

no level of security

!

interface GigabitEthernet0/3

Failover LAN Interface Description

!

192.168.9.2 IP address 255.255.255.0 watch 192.168.9.7

failover

primary failover lan unit

local failover FAILINT GigabitEthernet0/3 network interface

failover abcdef keys

failover interface ip FAILINT 172.16.9.1 255.255.255.0 watch 172.16.9.7

The secondary firewall

=================

failover

secondary failover lan unit

local failover FAILINT GigabitEthernet0/3 network interface

failover abcdef keys

failover interface ip FAILINT 172.16.9.1 255.255.255.0 watch 172.16.9.7

int GigabitEthernet0/3

No tap

Hope the above helps.

Tags: Cisco Security

Similar Questions

  • transparent mode with AIP-SSM-20

    I currently have an ASA5510 routed with AIP-SSM-20 mode.

    It is necessary to use a connection in optical fiber between the ASA and ASA on the campus, so the AIP - SSM will need to be removed and replaced by the SSM - 4GE.  This section should present no problems.

    However, this will remove the IPS device, and I always want to use IPS.

    So what I think is to get another ASA5510, install the AIP - SSM, configure ASA for transparent and put it between the inside of the ASA routed and my local network.  The ASA transparent would be strictly works in the form of an IPS appliance.

    The installation program should look like this:

    Internal LAN <> ASA transparent with IPS <> routed ASA <> WAN

    The AIP - SSM can always perform with the ASA in transparent mode IPS?

    Is it possible to configure the ASA and AIP - SSM such as traffic to and from a particular server completely ignores the AIP - SSM?

    I have a couple of file servers which generate heavy traffic and can overload the AIP - SSM.

    Kind regards.

    AFAIR, it is no installation AIP in a transparent firewall problem.

    "The SAA in transparent mode can execute an agreement in principle.  In the event that the AIP fails,

    the IPS will fail-open and the ASA will continue to pass traffic.
    
However, if an interface or cable fails, then traffic will stop.  You
    
would need a failover pair to account for this failure event, which
    
means another ASA and matching AIP."

    And no there is no problem to exclude certain hosts/ports/subnets inspection by IPS via MPF.

    http://www.Cisco.com/en/us/docs/security/ASA/asa82/configuration/guide/IPS.html#wp1050744

    What I consider however is however if the ASA 5510 as second level firewall for 5520 s will be enough.

    http://www.Cisco.com/en/us/products/ps6120/prod_models_comparison.html

    HTH,

    Marcin

  • replication of VPN with active failover / standby

    Hello world

    If ASA is the config of active failover / standby.

    If ASA Active VPN image, profile and plug-ins that will also replicate to ASA watch?

    or I have to do it manually on SAA standby?

    Concerning

    MAhesh

    The VPN image and profile are not replicated, you will have to do it manually.  Here is a list of which ends up in a configuration of active / standby stateful:

    • The NAT translation table

    • TCP connection States

    • The UDP connection States

    • The ARP table

    • The layer 2 bridge table (when it is running in transparent firewall mode)

    • The States of HTTP connection (if the HTTP replication is enabled)

    • The table ISAKMP / IPSec SA

    • The database of the GTP PDP connection

    --

    Please do not forget to rate and choose a good answer

  • Why ASA in transparent mode require same subnet ip to that of the connected network

    ASA transparent mode, why it is necessary to keep the management ip on the same subnet to the connected network?

    What happens if I keep managing ip in a different subnet as the network connected?

    If I only did traffic to move through to the asa and why?

    thanxs.

    Hello Vijay,

    As you say you can use another, that is right, but the thing is that the IP address of management is not only used to draw management.

    Who was you are missing the point.

    That the IP address assigned to the ASA as a whole also will be used for ARP requests when the ASA does not know where the destination hosts lies and is not on the same subnet as the ASA.

    It will serve as a source for packages destined to a syslog server, server AAA, Netflow server, SNMP server, and any package that ASA will have to create so in that spirit the routing of the network will have to be modified to work with that.

    If you come to realize that the routing of the network works with a different management on the transparent address IP address then you can do it. I can assure you that I have seen this scenario before working with no problems at all BUD.

    Just to remember to Note all useful posts like this

    Looking for a Networking Assistance?
    Contact me directly to [email protected] / * /

    I will fix your problem as soon as POSSIBLE.

    See you soon,.

    Julio Segura Carvajal
    http://laguiadelnetworking.com

  • Cisco ASA 55XX Transparent mode through a VLAN

    Hello team Cisco Forum!

    In a scenario where the Cisco ASA is in Transparent mode, it is possible to route the traffic of L2 other VLAN different that the VLAN native IP for the firewall management lies?

    Switches on the outside and the inside of the interfaces of the SAA are in trunk mode, and I'm moving ttraffic VLAN L2 from inside to outside and vice versa by using filters on switches (switchport trunk allowed vlan).

    Thank you in advanced for your support and comments!

    Yes it is possible, but you will be limited to 8 VLAN, or more precisely, 8 interfaces BVI so it's not a scalable solution.  The problem is that you will need to have different VLANS to the same subnet at both ends of the SAA.

    To clarify this point, lets say, you use the interface Gig0/1 and Gig0/2.  Gig0/1, you would set up subinterfaces with VLAN 2, 3 and 4.  Now, if you try to configure the same VLAN on Gig0/2, you will get an error saying something like this VLAN is already configured on another interface. I don't remember the exact error.

    So to get this working, you need to configure Gig0/2 with subinterfaces for VLAN... lets say... 5, 6 and 7.  you would then associate VLAN 2 and 5 with BVI 1, VLAN 3 and 6 with 2 Virgin Islands British and VLAN 4 and 7 with 3 British Virgin Islands.  Each interface BVI would have its own IP address for the subnet on which is to be filled in all of the ASA.

    --

    Please do not forget to select a correct answer and rate useful posts

  • ASA 5505 transparent mode dosnt pass traffic

    Hi all

    need help

    ASA 5505 do not pass traffic as a cordon of brewing, how do you get traffic?

    ciscoasa # sh ver

    Cisco Adaptive Security Appliance Version 8.2 software (5)

    Version 6.4 Device Manager (5)

    Updated Saturday, May 20, 11 16:00 by manufacturers

    System image file is "disk0: / asa825 - k8.bin.

    The configuration file to the startup was "startup-config '.

    ciscoasa until 55 minutes 31 seconds

    Material: ASA5505, 512 MB RAM, 500 MHz Geode Processor

    Internal ATA Compact Flash, 128 MB

    BIOS Flash Firmware Hub @ 0xffe00000, 1024 KB

    Hardware encryption device: Cisco ASA-5505 Accelerator Board (revision 0 x 0)

    Start firmware: CN1000-MC-BOOT - 2.00

    SSL/IKE firmware: CNLite-MC-Smls-PLUS - 2.03

    Microcode IPSec:-CNlite-MC-IPSECm-HAND - 2.05

    0: Int: internal-Data0/0: the address is e4d3.f193.9486, irq 11

    1: Ext: Ethernet0/0: the address is e4d3.f193.947e, irq 255

    2: Ext: Ethernet0/1: the address is e4d3.f193.947f, irq 255

    3: Ext: Ethernet0/2: the address is e4d3.f193.9480, irq 255

    4: Ext: Ethernet0/3: the address is e4d3.f193.9481, irq 255

    5: Ext: Ethernet0/4: the address is e4d3.f193.9482, irq 255

    6: Ext: Ethernet0/5: the address is e4d3.f193.9483, irq 255

    7: Ext: Ethernet0/6: the address is e4d3.f193.9484, irq 255

    8: Ext: Ethernet0/7: the address is e4d3.f193.9485, irq 255

    9: Int: internal-Data0/1: the address is 0000.0003.0002, irq 255

    10: Int: not used: irq 255

    11: Int: not used: irq 255

    The devices allowed for this platform:

    The maximum physical Interfaces: 8

    VLAN: 3, restricted DMZ

    Internal guests: 10

    Failover: disabled

    VPN - A: enabled

    VPN-3DES-AES: enabled

    SSL VPN peers: 2

    The VPN peers total: 10

    Double ISP: disabled

    Junction ports VLAN: 0

    Sharing license: disabled

    AnyConnect for Mobile: disabled

    AnyConnect Cisco VPN phone: disabled

    AnyConnect Essentials: disabled

    Assessment of Advanced endpoint: disabled

    Proxy sessions for the UC phone: 2

    Total number of Sessions of Proxy UC: 2

    Botnet traffic filter: disabled

    This platform includes a basic license.

    Registry configuration is 0x1

    Modified configuration of enable_15 to 20:34:47.689 UTC Wednesday 5 December 2012

    ciscoasa #.

    ciscoasa #.

    ciscoasa # sh run

    : Saved

    :

    ASA Version 8.2 (5)

    !

    transparent firewall

    ciscoasa hostname

    activate 8eeGnt0NEFObbH6U encrypted password

    2KFQnbNIdI.2KYOU encrypted passwd

    names of

    !

    I haventerface Ethernet0/0

    switchport access vlan 2

    !

    interface Ethernet0/1

    !

    interface Ethernet0/2

    Shutdown

    !

    interface Ethernet0/3

    Shutdown

    !

    interface Ethernet0/4

    Shutdown

    !

    interface Ethernet0/5

    Shutdown

    !

    interface Ethernet0/6

    Shutdown

    !

    interface Ethernet0/7

    Shutdown

    !

    interface Vlan1

    nameif inside

    security-level 100

    !

    interface Vlan2

    nameif outside

    security-level 0

    !

    passive FTP mode

    outs_in of access allowed any ip an extended list

    outs_in list extended access permit icmp any one

    pager lines 24

    Within 1500 MTU

    Outside 1500 MTU

    no ip address

    ICMP unreachable rate-limit 1 burst-size 1

    don't allow no asdm history

    ARP timeout 14400

    outs_in access to the interface inside group

    Access-group outs_in in interface outside

    Timeout xlate 03:00

    Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

    Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00

    Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00

    Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

    timeout tcp-proxy-reassembly 0:01:00

    Floating conn timeout 0:00:00

    dynamic-access-policy-registration DfltAccessPolicy

    No snmp server location

    No snmp Server contact

    Server enable SNMP traps snmp authentication linkup, linkdown cold start

    life crypto ipsec security association seconds 28800

    Crypto ipsec kilobytes of life - safety 4608000 association

    Telnet timeout 5

    SSH timeout 5

    Console timeout 0

    a basic threat threat detection

    Statistics-list of access threat detection

    no statistical threat detection tcp-interception

    !

    class-map inspection_default

    match default-inspection-traffic

    !

    !

    type of policy-card inspect dns preset_dns_map

    parameters

    maximum message length automatic of customer

    message-length maximum 512

    Policy-map global_policy

    class inspection_default

    inspect the preset_dns_map dns

    inspect the ftp

    inspect h323 h225

    inspect the h323 ras

    inspect the rsh

    inspect the rtsp

    inspect esmtp

    inspect sqlnet

    inspect the skinny

    inspect sunrpc

    inspect xdmcp

    inspect the sip

    inspect the netbios

    inspect the tftp

    Review the ip options

    !

    global service-policy global_policy

    context of prompt hostname

    no remote anonymous reporting call

    Cryptochecksum:234e9b9c6c9c941a89e37011325b6d5e

    : end

    ciscoasa #.

    ciscoasa #.

    ciscoasa #.

    ciscoasa # sh - access list

    access cached list the ACL log stream: total 0, 0 (deny-flow-max 4096) denied

    alert interval 300

    outs_in list of access; 2 elements; hash name: 0xd6c65ba5

    permit for access list 1 outs_in line ip scope any a (hitcnt = 0) 0x7d210842

    allowed to Access-list outs_in line 2 extended icmp any a (hitcnt = 0) 0x5532fcc5

    ciscoasa #.

    Hello

    Exactly... Good to know it works now.

    Do you know why he needs the IP address (such as a transparent firewall)?

    The ASA will act as a transparent layer 2 on the right device to the network, but what happens when the ASA does not have a particular destination mac address... What would be the source ip address of the package? Ip address of the ASA. So that's the main reason why we need that.

    We use it also for traffic management and for AAA services (if authentication is used the ASA will send the AAA authentication request to the server) with the IP address of this source.

    Please check the question as answered, so future users can pull of this

    Julio Carvajal

    Costa Rica

  • Cisco ASA 8.4 Active Failover / standby with anyconnect local CA

    Hi Friend´s

    I hope you do well! I ve got a question, hope you can help me. I ve got an ASA 5550 with version 8.4 (6), it s focusing anyconnect VPN remote access who authenticate through certificate locally generated in ASA. We´ve got an another 5550 with the same hardware and same version, and we focus on the configuration of the failover. I ve heard of network other than it s engineers may not failover configuration when the ASA doing this local. Then I ve read full failover for version 8.4 operating guide (6) and I didn t find any restrictions on the local failover and CA working together. I m tests over the next weekend, but I would like to know from your experience, if I'm having problems on VPN connections or failover configuration.

    Please, do not hesitate to ask as much as necessary information. All comment and documentation will be appreciated.

    Best regards!

    It's the n: documentatio

     Does not support Active/Active or Active/Standby failover

    And on top of that, ASDM shows that "Local CA cannot be configured when failover is activated".

  • Enabling multicast on the inside of transparent mode network

    ASA is in transparent mode (5512-X/9.1 (5))

    Inside network is 10.1.0.0/24. Router 10.1.0.1 is on the external interface.

    Syslog message: Deny UDP incoming from 10.1.0.103/5353 to 224.0.0.251/5353 on the interface inside

    I have ASA configured with access lists in the transition from outside to inside, but none of the lists of access from inside to outside, because I want to allow all traffic inside out.

    I believe in routed mode that I would permit same-security-traffic intra-interface. How can I get all of this in a transparent mode with out having an inside to outside access list?

    Config:

    access-list extended outside_in permitted tcp any4 host 10.1.0.46 object-group WEBSERVER_SERVICES journal of notifications
    outside_in list extended access permitted tcp any4 any4 object-group VCENTER
    outside_in list extended access permitted tcp any4 any4 object-group VSPHERE inactive
    outside_in list extended access permitted tcp any4 any4 eq journal of notifications
    outside_in list extended access permitted tcp any4 any4 object-group RDP
    access-list extended outside_in permit udp host 10.1.0.1 host 10.1.0.54 eq syslog
    outside_in list extended access permitted udp object-group PULSE sip host 10.1.0.15 eq eq sip log notifications
    outside_in list extended access allowed icmp host 10.1.0.1 any4 object-group ICMP log notifications

    Access-group outside_in in external interface

    You can apply an acl entry, inside which allows all (allowed an ip) and an ACL in one outside which the multicast stream, for example:

     access-list OUTSIDE extended permit igmp any any access-list OUTSIDE extended permit pim any any
     access-list OUTSIDE extended permit ip any object-group MCAST
     access-list OUTSIDE extended permit ip object-group MCAST any

    Where MCAST encompasses a group of 224.0.0.0 - 239.255.255.255.

    All traffic inside is allowed and only inspected return traffic and multicast traffic is allowed outside.

    JJ

  • VPN in transparent mode

    Hello

    Is it possible to run IPSEC and SSL VPN (without customer or anycoonet) while ASA in Transparent mode remotely? All NAT/PAT is the router before the ASA.

    If so, any example config would be appreciated.

    Reg,

    Sushil

    No, is VPN IPSEC or SSL are not supported when the ASA is in transparent mode.

    Here is the URL for your reference:

    http://www.Cisco.com/en/us/docs/security/ASA/asa82/configuration/guide/fwmode.html#wp1222826

  • Secondary ASA with IP transparent mode on the router

    Hello

    I have

    Router - ASA (Transparent) - switch

    and wonder if it is possible to configure the secondary IP on the interface of the router that is connected to the ASA

    So there is plenty of room in terms of range of LAN IP addresses.

    Or do I have to implement this, change ASA in context mode and to change the configuration on the SAA?

    hope I don't have to change anything on the SAA.

    Thank you

    ASA mode transparant works as L2 device

    so, what ever u ips use dosent matter

    u don't need to change anything in the ASA where the mod transperant

    But beware of what is allowed to be passed through the firewall

    It can be controlled by ACL

    the router and switch you will be OPERAT in L3 as your connected directly or nothing between them of three routing and layer perspective

    so they must be in the same subnet VLANS, and so on

    good lcuk

    Please, if useful rates

  • ASA SSL VPN problem with 8.2 (2)

    Hello everyone,

    I have a couple of ASA 5520 image 8.2 (1) running in active failover mode / standby.

    A few months ago, I downloaded the 8.2 (2) on the cisco website and charge to the ASA.
    After loading the new image, they called me for problems
    functioning of the application of webvpn.

    The web app seems to work, but in a mode of read-only, because you could not

    change the content of the files.

    I couldn't find a way to make it work, so I decided to downgrade to 8.2 (1).
    and as I loaded it the old image, the problem disappeared.

    Now I see that it is available the image 8.2 (3).
    To avoid the risk of hard work I tetsted on a piece of spare 5510, and with the disappoint, I found
    the problem was the same.

    Everyone is facing such a problem or can suggest me how to solve?

    Thanks in advance.

    Marco.

    Can you please provide more details about what application does not work through WebVPN interface without client?  Have you tried to activate Smart Tunneling for this application?

  • Problem with LAN Express airport

    Hello

    I recently bought an Apple AirPort Express router and I have several problems using the Ethernet with the most active airport. The thing is with my old router, I could have been connected to the ethernet cable, while at the same time connected with a LAN cable to my Macbook (end of 2015). The old router would have generated a wifi connection, but at the same time, would have enabled internet connection by cable to my Macbook without the active WiFi. People could use WiFi at home, but the Macbook would be connected to the internet by cable (lan cable connected to the router)

    My question is how to turn on a cable connection on my Macbook using the AirPort Express LAN cable, while at the same time, keep WiFi active. Currently, I have the ethernet cable connected to the airport and cable Lan also connected to the airport and the Macbook, but the internet will not work unless the WiFi is active. I would like to turn off the WiFi on the Macbook and always have an internet connection through the LAN cable that is connected between the AirPort Express device and Macbook.

    Thank you

    My question is how to turn on a cable connection on my Macbook using the AirPort Express LAN cable, while at the same time, keep WiFi active.

    Is the Terminal AirPort Express the only router in the current configuration of your network? No matter, what is the brand and model of the modem Internet you have the Express directly connected by Ethernet? ... or is the Express connected by Wi - Fi to the modem?

  • Need help with XP, you try to restore the system to the mode safe mode with command prompt.

    XP does not start even in safe mode.  Can access the mode safe mode with command prompt. Tried to use the repeated suggestion here.  The said command is not available.

    http://support.Microsoft.com/kb/304449 I tried these instructions from microsoft are supported and the command will not be accepted.

    Any help out there?

    Hello

    1. What is the exact error message when you try to access the computer in safe mode?
    The issue seems to be with the corrupted registry that prevents Windows XP startup.
    How do I recover from a corrupted registry that prevents Windows XP startup
    http://support.Microsoft.com/kb/307545
    Note:
    To do: Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems can occur if you modify the registry incorrectly. Therefore, make sure that you proceed with caution. For added protection, back up the registry before you edit it. Then you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click on the number below to view the article in the Microsoft Knowledge Base:
    How to back up and restore the registry in Windows
    http://support.Microsoft.com/kb/322756

  • Internet connection only in Mode safe mode with networking

    I was using the Internet at home, when I had a pop up telling me there was an anti-virus program download. I pulled out the window pop-up, rebooted the computer and turned on safe mode with network. I thought it was just a problem of virus/malware/spyware. Since I installed several programs to prevent/remove any type of spyware (virus, etc.), I decided to run in safe mode, just in case. I ran the and after he said that my computer was clean, I restarted the computer in normal mode. The internet, however, did more work. He said that the Internet connection was closed portals HTTP, HTTPS and FTP. He also recommended that I check my firewall settings. I use the internet in safe mode with networking, and it works here though.

    I'm not really sure what the problem is with the internet settings. I could really use some help!

    Hi AngelicaR,

    OK, you should now check your firewall settings, to do so right click my network connection on your desktop-> select Properties (or click Start-> Settings Control Panel-> network connection)

    Now right click on your connection to the LAN->-> Advanced->-online advanced, settings, settings-the default settings online-> restore default settings. This will restore the default firewall on your local network connection. Click ok on the screen and restart your pc to see if its working.

    If you find the same problem again and then come to the same path: required connection to the local network-> settings-> Advanced-> settings-online Exceprions-> Tickmark the HTTP, HTTPS and FTP, also tickmark "display notification when firewall blocks a program" that will help you the notification to allow access through the firewall. Click ok on the whole screen, restart your pc.

    I hope this helps.

  • my laptop keeps going to start page.__No regardless of which option to choose, that is to say. safe mode, safe mode, safe mode with command prompt, the last known good configuration, start windows normally, it's always the same

    my laptop keeps going to the start page. No matter which option I choose, IE. safe mode, safe mood with networking, safe mode with command prompt, last known, good configuration start windows normally, it always comes back to the same screen. saw this post before and the invloved boot cd solution. I have not a cd ROM is there another way to solve this problem. Thank you people

    Thank you for taking the time to make this post very informative, excellent. Without the machine test myself that I can't be sure, but based on the age of the computer and what you wrote I suspect for lack of material. It could be something simple like the hard drive or RAM or something more serious like the motherboard. I wouldn't recommend replacing any material on such an old laptop.

    As long as the hard disk has been physically, you can recover your data easily. If the hard drive has failed, then you will need to send the drive to a professional drive savers data recovery company. It is quite expensive ($500-3700), but they can usually recover your data. Some insurance policies cover also, professional data recovery in order to check with yours. But let's be optimistic. ;-)

    IMPORTANT - If there is no question that the drive is at fault - there are noises, for example - and the data is crucial NOTHING else ON THE DISC. Whenever launch you this player you can destroy data. If this is the case, send the drive to a professional data recovery company.

    I'll give you the information on how to test the hard drive to see if it's good physically and how to recover data when you can't in Windows but in doing these things requires a certain level of computer skills. You know yourself the best and that it would be better to take the laptop to a competent local professional. If you do this, do not use a type of BigComputerStore/GeekSquad of the place. Get recommendations from family, friends and colleagues.

    A. test equipment

    Test the hard drive with a diagnostic utility downloaded from site of the disc mftr. or use SeaTools for BACK of Seagate. You create a bootable CD with the files you download. You will need a third party burning software to do as the free ImgBurn, Nero or Roxio. Burn as an image, not in the form of data.

    http://www.ImgBurn.com

    http://www.Seagate.com/www/en-us/support/downloads/SeaTools/seatooldreg
    http://Seagate.custkb.com/Seagate/CRM/selfservice/search.jsp?docid=201271 (how-to)

    Boot with the CD that you have done and do a full test of the reader. You will probably need to change the boot order. Your Dell can give you a temporary boot menu if you press F12 as the computer starts. If so, use your arrow key to select the CD drive. Otherwise, press F2 to enter in Setup (BIOS) and change the order of boot on the CD drive first. If the disk fails all physical tests, it must be replaced. Although readers of the laptop cost around $60, you should really consider if it is to put money in such an old machine. You can replace the disk, but the laptop is definitely at the end of its normal life and something else is doomed to failure.

    There is information about the RAM test and other materials here:

    http://www.elephantboycomputers.com/page2.html#Hardware_Tshoot

    B. retrieve data detach a healthy disk when you are unable to Windows

    1 remove the drive and put it in a box of USB drive or use a USB adapter. Attach it to a computer that is running a working XP/Vista/Windows7 installation. Use the work of Windows Explorer to copy the data to the hard drive of the system to the rescue and burn data on cd or dvd.

    2. you can start the target computer with a Bart PE (if you use XP) or a Linux live CD like Knoppix and retrieve the data in this way. General information about the use of Knoppix for this are:

    You will need a computer with two cd records, which is an engraver of CD/DVD OR a USB stick with a capacity to hold your data OR an external USB hard disk formatted FAT32 (not NTFS) *. Download Knoppix .iso image file and create your bootable CD. If you do this in a previous (XP or Vista) operating system, you will need the third burning like Nero, Roxio or the free ImgBurn software (Windows 7 can burn .isos natively). Burn as an image, not in the form of data. Then boot with the CD that you created, and Knoppix will be able to see the files in Windows. If you use the USB key or an external hard disk, right-click on its icon (on the desktop) to get its properties and uncheck "read only". Then click on it to open it. Note that the mouse action by default in the window manager used by Knoppix (KDE) is a simple click to open instead of double-click traditional MS Windows. If you want to burn CD/DVDs, use the K3b program.

    * My understanding is that you can now write on NTFS from Linux partition. If you wish to do this, Google for instructions on the use of the NTFS driver.

    http://www.Knoppix.NET
    http://www.nu2.nu/pebuilder/ - Bart PE Builder

    C. recovery of activity for the future - http://www.elephantboycomputers.com/page2.html#Backing_Up MS - MVP - Elephant Boy computers - Don ' t Panic!

Maybe you are looking for