Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1012
Views
5
Helpful
1
Replies

upgrading asa5520 old firmware

baselzind
Level 6
Level 6

‎07-08-2019 04:12 AM - edited ‎02-21-2020 09:17 AM

i have a ASA5520  with a ASA-SSM-10 with asa version 8.2(2) and asdm 6.3 , i need to upgrade it to the lastest which is 9.1.7 and asdm 7.8.1 , my question is that can i jump directly to these versions? or is there intermediate versions?

also should i upgrade the firmware first then the asdm or the other way around?

also what is this ASA-SSM-10? is it some kind of ips?

would i get any configuration change?

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-08-2019 04:38 AM

You cannot upgrade directly. the release notes show this sequence:

Current ASA Version
First Upgrade to:
Then Upgrade to:

8.2(x) and earlier

8.4(5)

9.1(3) or later

Source:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html#pgfId-763574

Going to 8.3+ introduces significant change in NAT and ACL syntax. There are dozens of posts regarding this.

Also, please take time to make sure you understand your current configuration before doing anything. Carefully follow the upgrade sequence and test your configuration both before AND after the changes. Be sure to have a current and complete backup prior to starting - and know how to use it.

 

Your ASDM can manage both old and new ASA versions so you can safely upgrade it first.

 

The ASA-SSM-10 is a very old IPS module and is no longer sold or supported. It is next to useless but you should check if it is in use by looking for a service-policy in your current config that directs traffic to it via a policy map and class map combination.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top