Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
5
Helpful
3
Replies

Cisco ASA 5505 Upgrade Issues-Only compatibility infor for 5506

Mark28
Level 1
Level 1

‎09-26-2018 11:33 AM

I have an ASA 5505 using ASA Version 8.2(5) and ADSM 7.3(1)101 with Flash 128Mb , Memory 512Mb, Security Plus 25 license. I need to upgrade the unit but I see that it is end of life. The only compatibility grids that I see are for 5506. My question is what is the latest versions that I can upgrade to, what is the upgrade path, and what is the compatibility with my versions of ASA and ADSM. Also, should I upgrade the hardware rather than upgrade software. And what am I in for as far as configuration differences and issues. Thank You for your help.

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎09-26-2018 11:54 AM

Couple of document below to refer, but bear in mind 8.2 to 8.4 is big change, many configuration changes will be changed. Alwsy take backup of config, do the upgrades in change window and plan for roll back if any live service breaks because of config syntax changes.

 

 

https://community.cisco.com/t5/security-documents/asa-8-3-upgrade-what-you-need-to-know/ta-p/3127078

https://community.cisco.com/t5/firewalls/asa-upgrade-from-8-2-5-13-to-9-2/td-p/2598726

https://www.cisco.com/c/en/us/td/docs/security/asa/asa83/upgrading/migrating.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Mark28
Level 1
Level 1
In response to balaji.bandi

‎09-26-2018 12:16 PM

Hello Balaji.Bandi,
Many thanks for your very informative reply
Since I am a beginner, is the scope of the potential problems worth the
upgrade? And what is the latest version of ADSM and IOS that should I
upgrade to. The compatibility grids are for 5506 so I do not know what to
upgrade.

Best regards,
Mark28
0 Helpful

hvshaunw
Level 1
Level 1

‎09-26-2018 01:11 PM

9.1.7 is still the "latest"  recommend code via TAC for the 5505's.

 

However, you will need 1 GB of memory to run that code without getting errors in ASDM when you connect.

You would also need to go from 8.2.5 > 8.4.6 > 9.1.7

In my experience if you copy the 8.4.6 code, mark it as your boot image, and reboot too it the upgrade will convert all your statements etc for you. It will place a file in flash that shows all the errors from the conversion process as well.

 

There are a few conversion tools to help you with the code migration as well

 

https://www.tunnelsup.com/nat-converter/

 

Cisco also has one that you can use depending on your CCO access

 

https://fwm.cisco.com/applauncher.do#appstore:1

 

The big thing that changes are the ACL's and the NAT's.

but the conversion normally does a decent job for you.

 

Just make sure to grab the output of a more system:running-config before hand so you have all your passwords and pre-sharked keys for VPN's in plain text if you need them.

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents