Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1107
Views
0
Helpful
3
Replies

Question regarding ASA Upgrade Path 8.0(5) to 9.1.7(9)

Go to solution
roesch4alc
Level 1
Level 1

‎08-25-2016 07:02 AM - edited ‎03-12-2019 01:11 AM

Hi all,

I need to upgrade a ASA 5510 to the newest 9.1.7(9). Memory extension is installed. My question is about the upgrade path. Im a little bit confused after reading some statements about the upgrade process. Here (https://popravak.wordpress.com/2013/08/21/upgrade-cisco-asa-software/) I can read:

  • To upgrade from one minor release to another, we cannot skip a minor release number. For instance, we cannot upgrade from 7.0 to 7.2 directly. We should go from 7.0 to 7.1 and then to 7.2

Here (http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/upgrade/upgrade91.html) I read something different:

Current ASA Version
First Upgrade to:
Then Upgrade to:

8.2(x) and earlier

8.4(5)

9.1(3) or later

So whats right know? I assume, that the migration, described on the cisco site is correct and I can go from 8.0.5 to 8.4.(5) and then to 9.1.7(9).

Thanks for your help!

Regards

Sebastian

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎08-25-2016 08:34 AM

The first statement is/was kind of true (although the example is mostly wrong) when you add a "unless stated differently in the release-notes". And as you saw, typically the release-notes state that you can upgrade and skip many releases in between.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Karsten Iwen
VIP
VIP

‎08-25-2016 08:34 AM

The first statement is/was kind of true (although the example is mostly wrong) when you add a "unless stated differently in the release-notes". And as you saw, typically the release-notes state that you can upgrade and skip many releases in between.

0 Helpful

Go to solution
roesch4alc
Level 1
Level 1
In response to Karsten Iwen

‎08-29-2016 02:45 AM

Thanks,

I proceeded like described in the official release notes. The update and migration process went through without any problems. Only some No-NAT Rules are now multiplicated by factor 2... I will see why.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to roesch4alc

‎08-29-2016 05:36 AM

The automatic migration is not producing optimal code when the NAT config is slightly more complex than a couple of lines. It"s getting even worse when you forget to remove "nat-control" before upgrading (or you want to use this "function").

I've always seen the upgrade as an opportunity to completely rewrite the NAT-config and not to migrate anything NAT-related.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card