Getting ready to upgrade a ASA 5520 from 7.2 code to 8.x, all because of the IPS module needs to be upgraded from 6.1 to 7.x.
(1) Should I expect a smooth upgrade (from 7.2 to 8.x) on the ASA box? Anyone runs into problem, gotcha kind of thing? ANy problem on the config file not being converted correctly?
(2) For the IPS part, do you or do you not to use the upgrade command within the IPS module? From the IPS's doc. it says to use the upgrade command. From ASA's doc. it says to use: hw-module command. If I understand this correctly, by using hw-module command to upgrade the IPS from within the ASA, it would wipe my IPS config file.Don't want to do that if I can help it.
(1) the upgrade should go smoothly and convert the config ok.
(2) if you upgrade the IPS from the ASA ("hw module" command) than it will re-image the module and wipe it is config, that is correct. Make sure you keep a copy of it. And I suggest to upgrade from the module with the patch in order to avoid a full reimage.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...