ASA version to support SSM-10 6.0

Unanswered Question
Jun 22nd, 2009
User Badges:

Hi all.

I have two ASA 5510 in Active/Standby each with ASA-SSM-10. This is a new setup.

ASA ver is 7.0(8)

IPS ver is 6.0(4)E1

When I go to configure IPS within the ASDM it tells me "sensor major version is newer than the supported version"

I presume I need to upgrade the ASAs, but I can not find out what version I need. I want a stable version not the latest and buggiest. 7.2(4) seems to have heaps of caveats as does anything in 8.X.

Thanks for any help.

Scotty


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
scottyd Tue, 06/23/2009 - 13:11
User Badges:

Michael, thanks for that. I find it so hard to find these things on the Cisco website at times.

Now time to descide what version to use.

Scott

michael.d.brown... Tue, 06/23/2009 - 16:27
User Badges:

not a problem, if it helps i have around 75 primary asa's and 30 secondaries utilizing 5510's and 5520's running asa 8.0.4, asdm 6.1.5 and the IPS modules are 6.1(2)E3 without any issues. I do have an issue with that IPS code level and that infamous smb bug that cause the IPS modules to fail and go into bypass mode, but nothing else.


If you decide to upgrade to the 8.x release on your ASAs, just keep watch of the memory uilization and features you enable

scottyd Tue, 06/23/2009 - 16:35
User Badges:

Hi Michael,

It seems that 8.0.4 has heaps of open cavets. I was going to go for 8.2(1) which has less. And also concerned about mem usage. What are your thoughts on 8.2?

Scotty

michael.d.brown... Tue, 06/23/2009 - 17:07
User Badges:

also keep in mind that the 8.0.x code has been in production for quite a while and the 8.2 branch was just released so not that many bugs/issues have been found as compared to 8.0.4 yet. a quick check on bugtoolkit showed 69 open caveats and 1121 fixed for 8.2.x as compared to 8.0.x with having 229 open and 1835 closed (it all relative). still, I want to upgrade but at the moment I am holding off as the memory requirements are a bit higher and if your ASAs are running low on memory you need to purchase the new memory upgrade kit(256mb-to-512mb). I have firewalls that vary in memory utilization so I would need to upgrade them in order to feel *safe about using the 8.2 code on them. Plus I will have to figure out upgrading the memory on ASAs that are in a remote data center that do not have a technical person onsite :) what fun haha


scottyd Tue, 06/23/2009 - 17:35
User Badges:

Yes I thought that might be the case, that it has not been out long enough to find issues. When will Cisco stablilise their versions? I think I will go with 8.0.

Good luck with your RAM upgrade. I have not seen the command to TFTP silicone chips yet.

Actions

This Discussion