cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Webcast- Catalyst 9000
310
Views
5
Helpful
4
Replies
Beginner

Migration HostScan 4.3 to 4.6 questions

Hi!

 

We are going to migrate from HostScan 4.3.05058 to 4.6.03051. We are going to be using this guide from Cisco: https://www.cisco.com/c/en/us/td/docs/security/asa/migration/guide/HostscanMigration43x-46x.html#id_94544

 

The questions:

-6 months ago we mistakenly tried to upgrade to HostScan 4.6 (we reverted immediately back to 4.3) without knowing the migration and by such the Hostscan_Migration_Backup files has been created. But that was 6 months ago and we have made several changes to the DAP policy since then. How can I make sure that the "Hostscan_Migration_Backup" is up to date now when I am going to perform the migration?

 

-We do not have a test environment so when we do this it will have to be live in prod. So is this considered to be a low risk for it to go wrong -- regarding the ASDM migration? Anyone who has experience migrating?

 

Grateful for answers!

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Master

Re: Migration HostScan 4.3 to 4.6 questions

Delete the earlier Hostscan_Migration_Backup directory on your ASA and re-start the migration. It will make a fresh copy using your current policies. 

 

Follow the steps in the document your referenced carefully and it should migrate everything fine.

 

If anything goes wrong you can always restore the previous running-config and copy in the old policy files and you will have reverted to your original configuration. At that point you could engage TAC for a troubleshooting session.

4 REPLIES 4
Highlighted
Hall of Fame Master

Re: Migration HostScan 4.3 to 4.6 questions

Delete the earlier Hostscan_Migration_Backup directory on your ASA and re-start the migration. It will make a fresh copy using your current policies. 

 

Follow the steps in the document your referenced carefully and it should migrate everything fine.

 

If anything goes wrong you can always restore the previous running-config and copy in the old policy files and you will have reverted to your original configuration. At that point you could engage TAC for a troubleshooting session.

Beginner

Re: Migration HostScan 4.3 to 4.6 questions

Thank you for the answer! I will do that!

Beginner

Re: Migration HostScan 4.3 to 4.6 questions

We have now performed the upgrade from 4.3. to 4.6. It went well, took about 2 hours since we have a lot of DAP entries. The guide was very good!

 

I was able to test in an ASA 5506x before I did the change in the production env 5545x. What i noticed in ASA 5506x was that ASDM hanged after step 5. So I had to restart the ASA before being able to contioue to step 6.

Hall of Fame Master

Re: Migration HostScan 4.3 to 4.6 questions

Thanks for letting us know the outcome. Input like that improves the quality of the content for everybody reading.