Dear membersI'm upgrading a pair of ASA5510 from 8.4.1 to 8.4.6 using the strategy of 0 downtime, upgrading the Stanby ASA first and switching it to active.After switch the ASA5510 version 8.4.6, the outside acl seems to stop working.I open the debug...
Marvin, do you think that if I follow those steps but skip the last 2 steps ( log into newly active unit and "failover reload-standby" and wait for succeful reload and verify configuration is synced OK. Both units are now on 9.1(1).), leaving the Act...
Hi membersThis morning I got success upgrading both ASA from 8.4(1) to 8.4(3) using the 0 downtime technique,However, after that, I tried to upgrade to 8.4(5) with no success and to 8.4(6) with no sucess too.While in 8.4(5) version, I tried several p...
Hi JohnYes, Active-Standby ASA setup.I did the failover to 8.4(6) ASA this morning (2:00AM) and all the access stop working.When I did the packet-trace in the vpn/sec/stby with 8.4(1) version, I got an everything ALLOW but an DROP due to be in a Stan...
Hi John, the active ASA is working fine and is in production. As I told, the problem occurs when I upgrade the version of the Standby ASA in order to follow the zero downtime technique proposed by Cisco. The new version 8.4(5), 8.4.(6) or 8.4(7) seem...
I've just reload the Standby ASA with 8.4(6) version and the result is a DROP:vpn/sec/stby# packet-tracer input outside tcp 8.8.8.8 12345 200.196.235.46 dom$Phase: 1Type: ROUTE-LOOKUPSubtype: inputResult: ALLOWConfig:Additional Information:in 200.196...
