cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19463
Views
15
Helpful
4
Replies

Update C3850 from 3.x to 16.x

flokki123
Level 3
Level 3

Hi all,

Iam about to update a stack of two C3850 switches from a 3.x version to a 16.x version.

Somewhere I read that you have to generate a new RSA key before the update. Is that correct?

And are there any other things to keep in mind?

 

Thanks for any help!

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

@flokki123 wrote:

Somewhere I read that you have to generate a new RSA key before the update. Is that correct?


No, I don't think so. 



@flokki123 wrote:

And are there any other things to keep in mind?


View solution in original post

4 Replies 4

Leo Laohoo
Hall of Fame
Hall of Fame

@flokki123 wrote:

Somewhere I read that you have to generate a new RSA key before the update. Is that correct?


No, I don't think so. 



@flokki123 wrote:

And are there any other things to keep in mind?


Hey guys,

 

thanks a lot for your help!

Apparently the new RSA key is only necessary with version 16.3.5.

"When you upgrade to Cisco IOS XE Denali 16.3.5 the SSH access is lost, because it cannot use the CISCO_IDEVID_SUDI_LEGACY RSA server key. Before upgrade, generate the server key using the crypto key generate rsa command in global configuration mode.
To verify whether the RSA server key is available on your device, run the show crypto key command."

 

BR

@Leo Laohoo  
"Please note that you're going from 3.X to 16.X.  This means there will be a one-off microcode upgrade.  Depending on the exact version, this will add 15 minutes (approximately) to the bootup"

 

I just want to thank you for this update - Upgraded 3850 stack from 3.x to 16.x - faced 15 minutes of additional downtime but no issues with RSA post upgrade. Thank you very much to Cisco Community.

Review Cisco Networking for a $25 gift card