ASA image upgradation from 8.04 to 8.2(2)

Unanswered Question
Sep 14th, 2010


Due to Bug#CSCsw88068 related to Signature alogorithm , I am planning to upgrade the asa image from 8.04 to 8.2(2)

My query is

1. Can I upgrade directly from 8.0 to 8.2.2 ?

2. There are few command syntex changed in 8.2. Do i need to change the command or image will take care of the configuration ?

3.Any other prerequisite/suggestion before upgrade..



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kureli Sankar Tue, 09/14/2010 - 04:47

You can upgrade 8.0 to 8.2.

Procedure is to copy the image on to the flash and change the boot system line.

copy tftp flash:  (and follow the prompt)

boot system flash:asa-822.bin (make sure to specify the exact file name)

ASA code:

ASDM image :

If you get the matching asdm file then you need to configure

asdm image flash:asdm-62.bin (make sure to specify the exact file name that you tftp over to flash)


amardram123 Tue, 09/14/2010 - 06:50

Thanks sankar,

But what about the configuration, do i need to change any configuration as there are change in syntax for some command ?

Box is running in failover(active/standby) mode

What is the hardware requirment..? My current hardware details are:


Cisco Adaptive Security Appliance Software Version 8.0(4)

Compiled on Thu 07-Aug-08 20:53 by builders
System image file is "disk0:/asa804-k8.bin"
Config file at boot was "startup-config"

ciscoasa up 40 secs

Hardware:   ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   :  CN1000-MC-BOOT-2.00
                             SSL/IKE microcode:  CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode  :  CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0  : address is 0022.5597.2f9c, irq 9
1: Ext: GigabitEthernet0/1  : address is 0022.5597.2f9d, irq 9
2: Ext: GigabitEthernet0/2  : address is 0022.5597.2f9e, irq 9
3: Ext: GigabitEthernet0/3  : address is 0022.5597.2f9f, irq 9
4: Ext: Management0/0       : address is 0022.5597.2f9b, irq 11
5: Int: Not used            : irq 11
6: Int: Not used            : irq 5

Licensed features for this platform:
Maximum Physical Interfaces  : Unlimited
Maximum VLANs                : 150      
Inside Hosts                 : Unlimited
Failover                     : Active/Active
VPN-DES                      : Enabled  
VPN-3DES-AES                 : Disabled 
Security Contexts            : 2        
GTP/GPRS                     : Disabled 
VPN Peers                    : 750      
WebVPN Peers                 : 2        
AnyConnect for Mobile        : Disabled 
AnyConnect for Linksys phone : Disabled 
Advanced Endpoint Assessment : Disabled 
UC Proxy Sessions            : 2       

This platform has an ASA 5520 VPN Plus license.



Panos Kampanakis Tue, 09/14/2010 - 10:27

Yo do not need to change any commands, the CLI will remain the same and if there is a command that is going to change it will migrate automatically.

As for failover you must not stay in 8.0 and 8.2 on the units. You can do it during the upgrade process but you need to be in 8.2 in both after the upgrades.

The RAM is fine. Extra RAM is required for 8.3 only.

I hope it helps.



This Discussion