Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1326
Views
0
Helpful
5
Replies

ASA 5580 Upgrade 8.2(4)-->8.4.3--Zero Downtime

Michael Soliman
Level 1
Level 1

‎03-21-2012 03:17 PM - edited ‎03-11-2019 03:45 PM

Hello Everyone

Currently we have two ASA 5580 in failover (Active/Standby) mode and the current version is 8.2(4),we need support ragrding some concerns

1-We have problem that when we do dynamic NAT for internal zone to outside zone we have to perform NAT examption from internal zone to all others zones(except outside) to keep no NAT,is the upgrade from 8.2.4 to 8.4.3 will solve this issue.

2-Could we upgarde to 8.4.3 with zero downtime and should we upgrade dirctly from 8.2.4 to 8.4.3 or we should go through 8.2.5---8.3.1---8.4.1

3-Regarding the current NAT statment we have in 8.2.4,do we need to reconfigure them again ,or it will work fine after upgrade.

Thanks

Labels:
0 Helpful
5 Replies 5

arikawahyono
Level 1
Level 1

‎03-22-2012 01:33 AM

Hi Michael,

You can directly upgrade from 8.2(4) to 8.4.3.

Because your ASA with failover, that possible zero downtime when you upgrade.

Thanks,

0 Helpful

Michael Soliman
Level 1
Level 1
In response to arikawahyono

‎03-22-2012 03:44 AM

Hello

Thanks for your reply,

I need to know if upgrade will solve the NAT issue and if I upgrade,NAT configuration will be auto-corrected or not.

0 Helpful

Michael Soliman
Level 1
Level 1
In response to Michael Soliman

‎03-23-2012 01:27 PM

Hello

When upgrading from 8.2.4 to 8.4.3 ,will i face problem for the configuration espically NAT configuration.

What is the benefits I will gain from upgrading?

Thanks

0 Helpful

mvsheik123
Level 7
Level 7
In response to Michael Soliman

‎03-23-2012 02:30 PM

Hi Michael,

The NAT changes should be done by the software but it is always good to have copy of previous version config to compare incase of any issues.

Now the benifits... Incase you are planning to upgrade to 8.4 because Cisco released new version- then I would say 'no' for it. Refer to the release notes http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html and if you need to use any of the new features listed, then you should go with upgrade. Note that 8.3 and above requires more memory.

hth

MS

0 Helpful

patrick.preuss
Level 1
Level 1
In response to mvsheik123

‎03-24-2012 02:17 PM

Hi Michael, Mike

yes be with you. have you are real reason to go to 8.4. 8.2.5 will be the next in the train ..

8.2 has no eol statement and so should at least be supported until 2013...

If you need memory keep in mind, your Hardware is supported until July 31, 2017 (EOS is from February 10, 2011).

http://www.cisco.com/en/US/products/ps6120/prod_eol_notices_list.html , maybe than its better to plan a complete Exchange ... 

hth

Patrick

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card