03-21-2012 03:17 PM - edited 03-11-2019 03:45 PM
Hello Everyone
Currently we have two ASA 5580 in failover (Active/Standby) mode and the current version is 8.2(4),we need support ragrding some concerns
1-We have problem that when we do dynamic NAT for internal zone to outside zone we have to perform NAT examption from internal zone to all others zones(except outside) to keep no NAT,is the upgrade from 8.2.4 to 8.4.3 will solve this issue.
2-Could we upgarde to 8.4.3 with zero downtime and should we upgrade dirctly from 8.2.4 to 8.4.3 or we should go through 8.2.5---8.3.1---8.4.1
3-Regarding the current NAT statment we have in 8.2.4,do we need to reconfigure them again ,or it will work fine after upgrade.
Thanks
03-22-2012 01:33 AM
Hi Michael,
You can directly upgrade from 8.2(4) to 8.4.3.
Because your ASA with failover, that possible zero downtime when you upgrade.
Thanks,
03-22-2012 03:44 AM
Hello
Thanks for your reply,
I need to know if upgrade will solve the NAT issue and if I upgrade,NAT configuration will be auto-corrected or not.
03-23-2012 01:27 PM
Hello
When upgrading from 8.2.4 to 8.4.3 ,will i face problem for the configuration espically NAT configuration.
What is the benefits I will gain from upgrading?
Thanks
03-23-2012 02:30 PM
Hi Michael,
The NAT changes should be done by the software but it is always good to have copy of previous version config to compare incase of any issues.
Now the benifits... Incase you are planning to upgrade to 8.4 because Cisco released new version- then I would say 'no' for it. Refer to the release notes http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html and if you need to use any of the new features listed, then you should go with upgrade. Note that 8.3 and above requires more memory.
hth
MS
03-24-2012 02:17 PM
Hi Michael, Mike
yes be with you. have you are real reason to go to 8.4. 8.2.5 will be the next in the train ..
8.2 has no eol statement and so should at least be supported until 2013...
If you need memory keep in mind, your Hardware is supported until July 31, 2017 (EOS is from February 10, 2011).
http://www.cisco.com/en/US/products/ps6120/prod_eol_notices_list.html , maybe than its better to plan a complete Exchange ...
hth
Patrick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: