02-22-2008 12:10 PM - edited 03-11-2019 05:07 AM
The Cisco docs talk about needing to be at a 7.2 version before upgrading to 8.0.x. However, I haven't really found a reason why that is.
I went into my lab and put the same version that my production ASA is running and dropped the same config on it. I then uploaded 8.0.3(6) and booted. I've seen no errors. All commands took. I upgraded ASDM as well.
By the way, I'm upgrading to 8.0.3 for the eigrp features. Anybody know why I wouldn't be able to go straight from 7.0x to 8.0.3??
02-22-2008 12:53 PM
Hi David
There have been considerable improvements in WebVPN & SSL VPN. Related lines of configs that contain one of them may not apply unlike your implementation in your lab. PIX devices used to warn you like "this command is depreceated .." for configs contain conduits (which should be converted to statics). You might face something similar.
Regards
02-23-2008 11:54 PM
Upgrading to 7.2 before 8.0(3) will not take too much extra time.
The ASA's have a lot of flash space, and just put the image for 7.2 as well as 8.0(3) on it. Use only CLI access during the upgrade.
Boot to 7.2, check errors with "show startup-config errors" for conversion errors between boots, fix the offending commands, do a "clear startup-config errors" and reboot again until you don't get any more errors.
Note that if you already use VPNs and NAT-traversal, I have experienced that 8.0.x versions have a tendency to add the line "no isakmp nat-traversal" to your config after upgrades (happened both times when upgrading to 8.0.2 and 8.0.3).
Harald.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide