Hello Nikko,The old

fatalXerror · ‎07-09-2015

Hi Experts,

Good Day!

I would like to ask how can I downgrade my ASA from 9.x to 8.4?

I've already upgraded my secondary DC ASA from 8.4 to 9.x however, it does not automatically store the .CFG file as instructed in the Cisco documentation downgrading to 8.3.

Please advised.

Thanks.

James Leinweber · ‎07-10-2015

There are so many changes between 8.x and 9.x, particularly related to IPv6 support and the new semantics of the "any" keyword, that it is extremely unlikely you can simply run a 9.x config on 8.4. Cisco firmwares only offer upgrade support, not downgrade.

Plan on hand-editing the 9.x config to make it compatible with 8.4.

Can a put in a plug for revision control systems such as subversion here? You should have backup versions and a complete history of changes tucked away so that reversion and troubleshooting are easy.

The poor man's minimal care is to copy the startup-config to a text file, and then pull that off the ASA with scp into a folder of dated filenames. E.g.

asa> copy startup-config old.txt

linux$ scp asa:/old.txt /some/where/backup/up/startup-config_2015-07-10.txt

-- Jim Leinweber, WI State Lab of Hygiene

joseoroz · ‎07-13-2015

Hello Nikko,

The old configuration file will be created when you upgrade from a code older than 8.3 to 8.3 or above. This doesn't happen when you move between codes that have the new syntax introduced on 8.3.

James is correct. The ACL's introduced on code 9 for IPV6 will fail.

Now the question is what is the reason to do the downgrade?

Downgrade ASA from 9.1 to 8.4