Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
2
Replies

need help to upgrade ASA 5540 in failover

roy.rahul
Level 1
Level 1

‎02-12-2013 06:51 AM

Hello

I have 2 ASA 5540 in our network. I want to upgrade it from 8.0.4 to 8.4.3. I want assistance in the configuration because I know that there is a change a configuration while migrating from 8.0.4 to 8.4.3.

Is there any tool available on Internet that helps me to convert the current configuration computable to 8.4.3


Thanks in advance.

Sent from Cisco Technical Support iPhone App

Labels:
0 Helpful
2 Replies 2

Jouni Forss
VIP Alumni
VIP Alumni

‎02-12-2013 08:13 AM

Hi,

To my knowledge there is no official tool for this but I have never really looked for one.

If you simply boot the device with the new software the ASA will automatically convert the old configurations but this might not be ideal. (Though I have little expirience on how the conversion goes as I dont use it myself)

If you want to risk the redudancy of the current network you could always remove the Standby firewall, boot it with new software and see how the configurations are converted. There will ofcourse be the problem on how you are going to confirm that the automatically converted configuration work. You might probably be looking at network downtime in any case.

If you have some NAT configurations that you need the new format configurations for I could try to help you there. Give you some samply configurations that you could then apply to rewrite the configurations.

Also "packet-tracer" is an excellent tool to test the NAT and ACL rules on the ASA itself before and after upgrade of software.

- Jouni

0 Helpful

Karsten Iwen
VIP
VIP

‎02-12-2013 11:11 PM

The config will be migrated if you follow the supported upgrade-way. You have to first upgrade to 8.2 and then to 8.3 and then to 8.4. If you upgrade directly from 8.0 to 8.4, the config will not be migrated. With the supported way you can upgrade without any service-interruption.

Before upgrading you should read the release-notes and the Migration-guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html
http://www.cisco.com/en/US/docs/security/asa/asa83/upgrading/migrating.html

But be prepared to clean up the config after the migration to 8.3. Depending on your actual config, the automatically generated config will be a mess.


Sent from Cisco Technical Support iPad App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents