11-05-2015 08:39 PM - edited 03-11-2019 11:50 PM
Hello experts,
Planning to upgrade Active/stdby pair from 8.2.x->8.4.6->9.1.10. ASAs got reqd memory. Also, the config got only couple of 'nonat' statements and related VPN configs.
Can I upgrade pair to 8.4.6 first (standard method) and once all looks good then goto 9.1.10? Any manual config intervention required?
Or I need to break the pair and do one after the other with necessary config changes?
Configuration conversion worked fine on singe test ASA.
Thanks in advance
MS
Solved! Go to Solution.
11-05-2015 08:49 PM
Hi,
Since configuration conversion was fine on a test ASA you should not face any issue with upgrading the failover setup. You can follow the standard upgrade path.
hope this helps.
Thanks,
Shivapramod M
11-05-2015 08:58 PM
Hi,
Following are the steps which are suggested for an upgrade which involves migration
++ Issue command
#no names
++ Issue command
#no nat-control
++ If there is any NAT exempt statement constructed using ACL, then make sure that there
is no ACL with source and destination IP as "any".
In case there is any such ACL then remove that ACL before migration and add it after
migrating to new ASA version.
>> Above mentioned steps are required prior to an upgrade.
For more details you can refer:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/upgrading/migrating.html#wp77266
HTH
Thanks,
R.Seth
11-05-2015 08:49 PM
Hi,
Since configuration conversion was fine on a test ASA you should not face any issue with upgrading the failover setup. You can follow the standard upgrade path.
hope this helps.
Thanks,
Shivapramod M
11-05-2015 08:58 PM
Hi,
Following are the steps which are suggested for an upgrade which involves migration
++ Issue command
#no names
++ Issue command
#no nat-control
++ If there is any NAT exempt statement constructed using ACL, then make sure that there
is no ACL with source and destination IP as "any".
In case there is any such ACL then remove that ACL before migration and add it after
migrating to new ASA version.
>> Above mentioned steps are required prior to an upgrade.
For more details you can refer:
http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/upgrading/migrating.html#wp77266
HTH
Thanks,
R.Seth
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: