Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
992
Views
0
Helpful
6
Replies

Upgrade 5510 ASA 7.0(7) ADSM 5.0(7)

siltekinc
Level 1
Level 1

‎01-10-2013 12:21 PM - edited ‎03-11-2019 05:45 PM

I'm doing an upgrade this weekend, and a bit out of my realm at the moment.

I have a 5510 running ASA 7.0(7) ADSM 5.0(7), and I'm not sure what I need to upgrade to, or what path to take.

The ASA 5510 only has 256mb of RAM in it, so I see 8.3 is out of the picture. 

I would greatly appreciate it if someone would tell me what versions to aim for, and what the path I need to take is.  I read someplace that I had to increment 5.0 > 5.1 > 5.2 etc, and am somewhat confused.

Thank you very much.

Jim

Labels:
0 Helpful
6 Replies 6

Jouni Forss
VIP Alumni
VIP Alumni

‎01-10-2013 12:31 PM

Hi,

To my knowledge the latest version to go before the 8.3 would be 8.2(5)

And this is the ASA IOS

ASDM can be changed directly to the latest when you have upgraded the actual ASA IOS to 8.2(5)

Also to my understanding there are no real big changes related to configuration format between 7.0 - 8.2 softwares but aint 100% of this. You can attach your configuration here if you like us to check it out (remove public IP addresses, username/password information, etc)

My first thought was that you could actually jump straight away to the 8.2(5) software but naturally you can jump the software levels in steady increments as the Cisco documentation suggests. I dont think you would actually have that many jumps in the software. (To my understanding 7.0 -> 7.1 -> 7.2 -> 8.0 -> 8.2)

Are we talking about a single firewall or Failover pair of ASA 5510s?

- Jouni

0 Helpful

siltekinc
Level 1
Level 1
In response to Jouni Forss

‎01-10-2013 12:34 PM

Thanks, I was typing up my response while you wrote yours.

It's just a single 5510 with very little configuration on it.  I think there are only about 10 basic firewall rules and a few static NAT.

In all reality, I'm going to print out the config and probably wipe the box.

Last person to work on it before I put in a any/any inbound allow rule on it....

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to siltekinc

‎01-10-2013 12:38 PM

Hi,

Id say if you ASA doesnt contain any VPN configurations you are pretty safe to jump directly to the newest software (and I'm not 100% without checking if even VPN settings mattered).

I can't imagine any change to ACL and NAT rules between the 2 mentioned software versions of 7.0 and 8.2

- Jouni

0 Helpful

siltekinc
Level 1
Level 1

‎01-10-2013 12:32 PM

I finally got comfortable stumbling around cisco.com, and it looks like I'm answering my own questions.

With only have 256mb of RAM, and well over 20% free, 8.2 will work.

For the ASA 5510—Version 8.2 uses more base memory than previous releases, which might cause problems for some ASA 5510 users who are currently running low on free memory (as indicated in the

show memory

output). If your current

show memory output displays less than 20% free, we recommend upgrading the memory on the ASA 5510 from 256 MB to 1 GB before proceeding with the release 8.2 upgrade.For the ASA 5510—Version 8.2 uses more base memory than previous releases, which might cause problems for some ASA 5510 users who are currently running low on free memory (as indicated in the show memory output). If your current show memory output displays less than 20% free, we recommend upgrading the memory on the ASA 5510 from 256 MB to 1 GB before proceeding with the release 8.2 upgrade.

And for an upgrade path:

To ensure that your configuration updates correctly, you must upgrade to each major release in turn. Therefore, to upgrade from Version 7.0 to Version 8.2, first upgrade from 7.0 to 7.1, then from 7.1 to 7.2, and finally from Version 7.2 to Version 8.2 (8.1 was only available on the ASA 5580).

0 Helpful

siltekinc
Level 1
Level 1
In response to siltekinc

‎01-12-2013 09:54 AM

Successfully did my upgrade this morning.

Few notes:

If you do this incrementally for versions through the ADSM tool, make sure you switch out the ADSM file the same time when you go through a version change.  I locked myself out of ADSM when going to ASA 7.2 without upgrading ADSM to 5.2.

After fixing that through the console, I ended up going straight to 8.2 and ADSM 7.x with a couple issues.

1.  Firewall rules that had a port number configured instead of a service group stopped working.

2.  DHCP had issues.  Something about dhcp global being assigned to the same port as server

0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to siltekinc

‎01-12-2013 02:40 PM

Glad to hear. I will be discussing ASA/FWSM failover pair as well as single firewall upgrade in my upcoming webcast next Tue Jan 15th.

https://supportforums.cisco.com/community/netpro/expert-corner#view=webcasts

Upcoming Live Webcast in English: January 15, 2013
Troubleshooting ASA and Firewall Service Modules

Register today for this Cisco Support Community live webcast.

-Kureli

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card