Have a 5525-X used as a perimeter fw and we want to update the software to the appropriate stable release. We do not have FirePower.
Read the ASA Upgrade Guide and have looked at the various interim releases and I don't know which to select. We plan to replace this firewall within the next year, so looking for the most stable interim release that will carry us through that period. Does anyone have a recommendation for the ASA and ASDM software versions I should install?
In case it is a factor, we do use AnyConnect for about 20 remote workers.
Current state of ASA is as follows:
Cisco Adaptive Security Appliance Software Version 9.6(4)17 Device Manager Version 7.10(1)
Hardware: ASA5525, 8192 MB RAM, CPU Lynnfield 2393 MHz, 1 CPU (4 cores) ASA: 4221 MB RAM, 1 CPU (1 core) Internal ATA Compact Flash, 8192MB BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB
Hi, The latest recommended gold star versions supported on your hardware are 9.6.4, 9.8.4 and 9.12.3. As you are running AnyConnect Remote Access VPN I'd recommend you running 9.12.3, as in versions 9.10 and later Cisco improved performance (ensure you are running AnyConnect 4.7 or later, ideally 4.9 in order to get the best performance possible).
The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th...
Related documentsCisco ISE (Identity Services Engine) IPv6 features by release2.6ISE ManagementNetwork Time Protocol SupportDomain Name System SupportExternal RepositoriesAudit Logs and ReportsSimple Network Management ProtocolAccess Control Lists And Dyn...
Site to Site IPSec VPN with Dynamic IP Endpoint is typically used when we have a branch sites which obtains a dynamic public IP from the Internet ISP. For example an ADSL connection.One important note is that Site-to-Site VPN with Dynamic remote routers P...
On R1, configure a key ring that defines the peer R3:Address: 188.8.131.52Local and remote pre-shared key: cisco R1(config)#crypto ikev2 keyring KRR1(config-ikev2-keyring)# peer R3R1(config-ikev2-keyring-peer)# address 184.108.40.206R1(config-ikev2-keyring-pee...