Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 5540 failover pair, upgrade question

Hi,

We have an active / standby failover pair of ASA 5540 running 8.2 version in a production environment.

We have a task of upgrading ASA software to version 8.4.

We're quite familiar with the process of upgrading and looked through zero downtime manuals available.

The only question is what should we do with NAT, which should be completely rewritten according to 8.3 syntax.

Is it possible to upgrade like this:

- upgrade ios of the standby unit

- change NAT statements on a freshly upgraded standby ASA

- make that ASA with 8.3 active

- upgrade the second ASA

Thanks in advance.

3 REPLIES
VIP Green

ASA 5540 failover pair, upgrade question

Yes this is possible but the 8.2 version will need to be the last minor release version.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/admin_swconfig.html#wp1380398

-- Please remember to rate and select a correct answer
New Member

ASA 5540 failover pair, upgrade question

Hi,

You don't have to do anything with NAT as it will be automatically converted from 8.2 NAT configuration into the new syntax.

Regards

Mariusz

New Member

ASA 5540 failover pair, upgrade question

Thank you both.

I'm a little bit afraid of automatic nat convertion - does it really work well and there is nothing to worry about?

Thank you.

161
Views
0
Helpful
3
Replies