Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
904
Views
0
Helpful
6
Replies

Major changes - migrating from 8.4(4)9 to 9.1.3

Go to solution
Ruterford
Level 1
Level 1

‎11-25-2013 06:05 AM - edited ‎03-11-2019 08:09 PM

Hello All!

I am planning to do the migration from our ASA 5510 over to 5545X.

Old ASA runs 8.4(4)9 and new one runs 9.1.3. I am wondering what the major changes are and what should I be paying major attention to.

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ruterford

‎11-25-2013 07:38 AM

No, the parser will modify the existing access-lists as necessary.

As noted in the 9.0 release notes, the old "any" keyword will be changed to "any4". ("any" now means any ipv4 or ipv6). That change applies for 9.1 as well.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-25-2013 06:09 AM

Being on 8.3+ already means you've already  passed the biggest changes - the NAT syntax one.

I'd say the next bigest one moving up to 9.x is uinfied access-list (ipv4 and ipv6). If you're not currently using ipv6 that's mostly a non-event for you.

Other than that, it's mostly new features that you be able to take advantage of. (and bug fixes too )

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to Marvin Rhoads

‎11-25-2013 06:14 AM

There are no major changes.  Have a look at this link to get an idea of the new features.

http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html#wp586890

--

Please rate all helpful posts

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
Ruterford
Level 1
Level 1
In response to Marvin Rhoads

‎11-25-2013 07:25 AM

I am not using ipv6.

Does it meant that I need to change my existing access-lists somehow to accomodate them into the new software?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ruterford

‎11-25-2013 07:38 AM

No, the parser will modify the existing access-lists as necessary.

As noted in the 9.0 release notes, the old "any" keyword will be changed to "any4". ("any" now means any ipv4 or ipv6). That change applies for 9.1 as well.

0 Helpful

Go to solution
Ruterford
Level 1
Level 1
In response to Marvin Rhoads

‎12-01-2013 06:18 PM

Thanks Marvin,

Can I continue using "any" (implying ipv4+ipv6) if I dont have ipv6 addresses in any of my ASA interfaces?

Or ACL will be processing IPv6  traffic even if no IPV6 addresses configured?

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ruterford

‎12-01-2013 07:45 PM

You're welcome.

You can continue with the "any" keyword.

As far as I know, if there's no IPv6 address configured on the interface, the ASA will not "see" any IPv6 traffic.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card