ASA software upgrade

phil96564 — Fri, 19 Mar 2021 12:38:23 GMT

I have been tasked with seeing what the highest version is to which we could upgrade our ASAs and so far my strategy has involved checking the release notes and checking for any usage of the deprecated commands. Is there a better way than this? Is there a way of checking beforehand whether any problems will arise as a result of attempting to upgrade?

Can anyone tell me what happens if we attempt to upgrade an ASA and the new software version has deprecated some commands that are currently in use on our firewalls? Does it just delete them or throw up an error or some other action?

Thanks

Phil.

Re: ASA software upgrade

Rob Ingram — Fri, 19 Mar 2021 12:50:05 GMT

Hi @phil96564

You should read the release notes carefully, search for "depreciated" each version will tell you what command or feature has or will be depreciated.

If you are using VPNs, I know a lot of ciphers have been depreciated in recent versions. Double check your configuration and compare against the list of ciphers that have been depreciated. Cisco recommends to check and amend your VPN configuration accordingly before upgrading.

topic Re: ASA software upgrade in Network Security

ASA software upgrade

Re: ASA software upgrade