cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1459
Views
10
Helpful
7
Replies

ASA 5510 ios

Carlomd
Level 1
Level 1

  Hello all, pretty new here, just got a used 5510 with ASA 8.2(1), was wondering before I configure it and put it to replace our old firewall, should I upgrade to a newer or latest (9.1) ver of ASA?

I'm not totally new to IOS, I have background with routers in the past but new to ASA.  I've read about the changes on syntax starting with 8.3 and up, and upgrade paths, if there are security fixes on the newer versions then it'll be worth it, if there's no reason then I can just stay on 8.2, thanks in advanced.

carlo

4 Accepted Solutions

Accepted Solutions

Itzcoatl Espinosa
Cisco Employee
Cisco Employee

Hi Carlo,

New features have been introduced since 8.3 version. I believe you should check the release  notes for these versions and decide if upgrading is a better choice.

These documents include the known issues, fixes and new features.

http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html

http://www.cisco.com/en/US/docs/security/asa/asa90/release/notes/asarn90.html

http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html

I hope it helps

regards,

Itzcoatl

View solution in original post

Maykol Rojas
Cisco Employee
Cisco Employee

Hi Carlo.

It depends mainly on the memory that it has. If you have 256 MB of RAM, you wont be able to run the latest version (9) and you would need to upgrade the memory.

That being said, both versions runs fine, however there is a huge difference on NAT syntax, plus less features and so on.

If you dont have configuration on the Unit, It has the proper memory in it, you can just update the code in it by changing the boot variable to 9, no upgrade path is needed.

Mike

Mike

View solution in original post

You're welcome.

9.1(2) is probably your best bet right now if you can line up that support contract. 9.1(3) is just out a couple of weeks and a few people have reported issues with it so it's a bit early to jump on it for most shops (though it might be fine for a lab).

By the way, ASAs don't run IOS - the system image is just called ASA software.

Please mark your question as answered when it has been and rate useful responses. Thanks,

View solution in original post

I would highly recommend you to run version 9.1.3.

You can just boot the new image.

Mike Rojas

Security Technical Lead

Mike

View solution in original post

7 Replies 7

Itzcoatl Espinosa
Cisco Employee
Cisco Employee

Hi Carlo,

New features have been introduced since 8.3 version. I believe you should check the release  notes for these versions and decide if upgrading is a better choice.

These documents include the known issues, fixes and new features.

http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html

http://www.cisco.com/en/US/docs/security/asa/asa90/release/notes/asarn90.html

http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html

I hope it helps

regards,

Itzcoatl

Maykol Rojas
Cisco Employee
Cisco Employee

Hi Carlo.

It depends mainly on the memory that it has. If you have 256 MB of RAM, you wont be able to run the latest version (9) and you would need to upgrade the memory.

That being said, both versions runs fine, however there is a huge difference on NAT syntax, plus less features and so on.

If you dont have configuration on the Unit, It has the proper memory in it, you can just update the code in it by changing the boot variable to 9, no upgrade path is needed.

Mike

Mike

Marvin Rhoads
Hall of Fame
Hall of Fame

Earlier responses are all correct, plus...

There are lots of security fixes and other things in the later versions. Your 8.2(1) is very old.

However, an upgrade requires a support agreemeent (Smartnet) with Cisco. Depending on the channel you purchased the used unit via, this may or may not be possible.

Hey thanks for all the replies guys, so it can run v9, I do have 1gb of ram so I'm good. this was a refurb from a local reseller, problem is I don't have a smartnet contract, I'm trying to see which places has a good deal on smartnet, anyone know any? So best bet is to go v9, it's a blank system I haven't configured anything yet, it will be in a lab setup for a while since I'm refreshing my IOS knowledge. Thanks again guys

carlo

You're welcome.

9.1(2) is probably your best bet right now if you can line up that support contract. 9.1(3) is just out a couple of weeks and a few people have reported issues with it so it's a bit early to jump on it for most shops (though it might be fine for a lab).

By the way, ASAs don't run IOS - the system image is just called ASA software.

Please mark your question as answered when it has been and rate useful responses. Thanks,

Gotcha on the ASA, thanks

I would highly recommend you to run version 9.1.3.

You can just boot the new image.

Mike Rojas

Security Technical Lead

Mike
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: