Firmware for the ASA-5505

Unanswered Question
Jul 1st, 2010

I work with a non profit and we recently (this week) got a new ASA-5505 to do general firewall and VPN (remote network access via IPSec) tasks. The installed firmware is V7.2(4). Seeing that the latest firmware is 8.3(1), is there any reason to stay with 7.2(4)? Generally I'd update to a more recent version without too much thought (provided there are no reports of major bugs), but the fact that this just came from the factory with 7.2(4) has me wondering what the reasons are to stick with that release. The 5505 does have 512MB of RAM, so hardware capabilities do not seem to be an issue.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Jennifer Halim Thu, 07/01/2010 - 19:14

I am not sure how familiar you are with Cisco firewall (ASA or PIX), however, i would recommend that you upgrade it to either 8.0.5 or 8.2.2, instead of the latest 8.3.1.

Reason being with version 8.3.1, there is a complete change of the NAT, so if you are familiar with the older NAT configuration, you will need to re-learn the new NAT feature in version 8.3.1.

Here is the release notes for version 8.3.1 for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

Here is the configuration guide for NAT in 8.3.1:

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/nat_overview.html#wp1122015

As version 8.3.1 is a new version, there tends to be more software bugs, so it might be better if you upgrade it to the earlier version of 8.x code (either 8.0.5 or 8.2.2).

Hope that answers your question.

Actions

Login or Register to take actions

This Discussion

Posted July 1, 2010 at 7:06 PM
Stats:
Replies:1 Avg. Rating:
Views:7075 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard