Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1573
Views
0
Helpful
9
Replies

ASA Upgrade

Go to solution
estelamathew
Level 2
Level 2

‎01-29-2011 04:16 AM - edited ‎03-11-2019 12:41 PM

Hello Dears,

Below is the Type of Upgrade Support what i have read.

  • I want to upgrade from 8.0.(4) to 8.2.(4) Can i upgrade directly to  8.2.(4) or i have to upgrade first to 8.2.(1).

  • As per the STEP 3 in (Active/Standby Failover Configuration) below when we reload the standby unit when it comes up how it can be in standby state as IOS will be different in both appliance and both will be active.please correct me if i m wrong

Maintenance Release You can upgrade from any maintenance release to any other maintenance release within a minor release.

For example, you can upgrade from 7.0(1) to 7.0(4) without first installing the maintenance releases in between.

Minor Release You can upgrade from a minor release to the next minor release. You cannot skip a minor release.
For example, you can upgrade from 7.0 to 7.1. Upgrading from 7.0 directly to 7.2 is not supported for zero-downtime upgrades; you must first upgrade to 7.1.

Major Release You can upgrade from the last minor release of the previous version to the next major release.
For example, you can upgrade from 7.9 to 8.0, assuming that 7.9 is the last minor version in the 7.x release.

Upgrade an Active/Standby Failover Configuration

Complete these steps in order to upgrade two units in an       Active/Standby failover configuration:

  1. Download the new software to both units, and specify the new image to           load with the boot system command.

    Refer to           Upgrade           a Software Image and ASDM Image using CLI for more           information.

  2. Reload the standby unit to boot the new image by entering the            failover           reload-standby command on the active unit as shown           below:

    active#failover reload-standby

  3. When the standby unit has finished reloading and is in the Standby           Ready state, force the active unit to fail over to the standby unit by entering           the no           failover active command on the active unit.

    active#no failover active

    Note: Use the show             failover command in order to verify that the standby unit             is in the Standby Ready state.

  4. Reload the former active unit (now the new standby unit) by entering           the reload command:

    newstandby#reload

  5. When the new standby unit has finished reloading and is in the           Standby Ready state, return the original active unit to active status by           entering the failover           active command:

    newstandby#failover active

This completes the process of upgrading an Active/Standby Failover       pair.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to estelamathew

‎01-29-2011 05:50 AM

No it will not. It will come up with a new code but, just running the new code doesn't make the unit healthier than the other unit.

Only when one unit thinks that the other unit acting as active is less healthy, it will try to become active.

Activation key will not be affected.

-KS

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎01-29-2011 05:00 AM

Estela,

Nice research on your part. Much appreciated. We love our readers who try to help themselves.

If the end goal is to go to 8.2.4 I'd pull the release note link for 8.2 which you can see here:

http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html#wp315678

To ensure that your configuration updates  correctly, you must upgrade to each major release in turn. Therefore, to  upgrade from Version 7.0 to Version 8.2, first upgrade from 7.0 to 7.1,  then from 7.1 to 7.2, and finally from Version 7.2 to Version 8.2 (8.1  was only available on the ASA 5580).

So you could go from  8.0.(4) to 8.2.(4) directly.

1) on the active unit issue "wr mem"
2) copy the new image to the standby unit
3) reload the standby unit which will come back as standby and running
the new code
4) on the standby execute "failover active", it is now the active unit
5) on the unit that is now standby, copy the new image to it
6) reload the standby unit

-KS

0 Helpful

Go to solution
estelamathew
Level 2
Level 2
In response to Kureli Sankar

‎01-29-2011 05:47 AM

Hello,

Happy to see replies from such Experts.

As per ur statement Number 3 reload the standby unit which will come back as standby and running
the new code

when the standby comes up it will also be in active state becz both version will differ??? Please correct me if i m wrong.

I hope th Activation key will not be disturbed once after upgrade

Thanks

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to estelamathew

‎01-29-2011 05:50 AM

No it will not. It will come up with a new code but, just running the new code doesn't make the unit healthier than the other unit.

Only when one unit thinks that the other unit acting as active is less healthy, it will try to become active.

Activation key will not be affected.

-KS

0 Helpful

Go to solution
estelamathew
Level 2
Level 2
In response to Kureli Sankar

‎01-29-2011 05:55 AM

Hello,

Is it the below statement applies to FWSM module also or only to ASA.

No it will not. It will come up with a new code but, just running the  new code doesn't make the unit healthier than the other unit.

Only when one unit thinks that the other unit acting as active is less healthy, it will try to become active.

Thanks

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to estelamathew

‎01-29-2011 06:08 AM

For both PIX/ASA and FWSM the information is true.

-KS

0 Helpful

Go to solution
estelamathew
Level 2
Level 2
In response to Kureli Sankar

‎01-29-2011 07:08 AM

Hello,

This is the combination i m planning for ASA image and ASDM image please confirm,I m on right path.????  what i see in release notes is 8.2.3 IOS with 6.3(4)

asa824-k8 for IOS

asdm-635 for ASDM.

Thanks.

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to estelamathew

‎01-29-2011 07:48 AM

Estella,

You should always double check here in the release note link for 8.2.4:

Simply google "asa 8.2 release note" and take the first hit.

http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html#wp309157

or the compatibility matrix here: http://www.cisco.com/en/US/docs/security/asa/compatibility/asamatrx.html

ASA 8.2(2)

ASDM 6.2(5) and later. Recommended: 6.3(5).

So yes, for 8.2.4 the recommended asdm is 6.3.5.

Good luck.

-Kureli

0 Helpful

Go to solution
estelamathew
Level 2
Level 2
In response to Kureli Sankar

‎01-29-2011 08:32 AM

Thanks,

I checked b4 posting ,the link u provided i have been through there is no information of 8.2.(4) IOS i found for  8.2 (2) as what u have paste in above mail that's the reason i posted it for confirmation for 8.2(4)

Thanks for ur support and replies.

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to estelamathew

‎01-29-2011 08:54 AM

Any time. Glad to help. Yes, if the link talks about 8.2, it should be the same for 8.2.x.

-KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card