Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
5030
Views
0
Helpful
5
Replies

ASA downgrade from 8.3 to 8.2

Go to solution
Kashish_Patel
Level 2
Level 2

ā€Ž05-31-2012 05:15 AM - edited ā€Ž03-11-2019 04:13 PM

Hi,

I want to downgrade my test ASA box from 8.3(2) to 8.2(2)16. I have gone through cisco doc  to know the downgrade command etc.

http://www.cisco.com/en/US/docs/security/asa/asa83/upgrading/migrating.html#wp72161

I also understand the configuration changes which will happen after I downgrade.

I don't  understand the effect of downgrade on activation keys and licenses as I am quite new to cisco ASA product line.

Can some ASA expert help me in understanding how the licenses and activation keys will be affected as a result of downgrading?

Here is an output from "show version":

Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 100            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 2              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 2              perpetual

Total VPN Peers                : 250            perpetual

Shared License                 : Disabled       perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Enabled        perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 2              perpetual

Total UC Proxy Sessions        : 2              perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

Serial Number: JMX1040K08X

Running Permanent Activation Key: 0x150fc441 0x302a5c0d 0x55d0ad38 0xdd94d428 0x0b39e396

Configuration register is 0x1

Configuration last modified by enable_15 at 04:10:14.411 UTC Tue May 29 2012

PS: I rate useful posts.

Thanks,

Kashish

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž05-31-2012 05:59 AM

There won't be any affect by downgrading the ASA from 8.3 to 8.2 as most of your license are default license except the AnyConnect Essentials and AnyConnect for Mobile license.

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

If you have standalone ASA, then there is nothing to worry about.

If you have Active/Standby ASA, then you would need to check if your other ASA has the AnyConnect Essentials and AnyConnect Mobile license as well. If you don't, then the failover will get disabled. For version 8.2 and below, for failover to work, you would need to have the same license on both ASA. For version 8.3 and above, you don't have to have the same license on both ASA, and failover will work.

Hope that helps.

View solution in original post

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to Kashish_Patel

ā€Ž05-31-2012 08:40 AM

Hi Kashish,

eith you downgrade or upgarde, it never affects the license or keys of the ASA, they would remain the same. Everything would work fine.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Kashish_Patel

ā€Ž05-31-2012 09:12 AM

Yes, you are right. Everything should work fine including licenses and keys.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž05-31-2012 05:59 AM

There won't be any affect by downgrading the ASA from 8.3 to 8.2 as most of your license are default license except the AnyConnect Essentials and AnyConnect for Mobile license.

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

If you have standalone ASA, then there is nothing to worry about.

If you have Active/Standby ASA, then you would need to check if your other ASA has the AnyConnect Essentials and AnyConnect Mobile license as well. If you don't, then the failover will get disabled. For version 8.2 and below, for failover to work, you would need to have the same license on both ASA. For version 8.3 and above, you don't have to have the same license on both ASA, and failover will work.

Hope that helps.

0 Helpful

Go to solution
Kashish_Patel
Level 2
Level 2
In response to Jennifer Halim

ā€Ž05-31-2012 08:08 AM

Hi Jennifer,

Thanks for replying.

>>

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

My unit is a standalone unit.

So even if I downgrade to 8.2 , everything should work fine right (including licenses and keys)?

Thanks,

Kashish

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to Kashish_Patel

ā€Ž05-31-2012 08:40 AM

Hi Kashish,

eith you downgrade or upgarde, it never affects the license or keys of the ASA, they would remain the same. Everything would work fine.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao
0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Kashish_Patel

ā€Ž05-31-2012 09:12 AM

Yes, you are right. Everything should work fine including licenses and keys.

0 Helpful

Go to solution
Kashish_Patel
Level 2
Level 2
In response to Jennifer Halim

ā€Ž05-31-2012 09:32 AM

Thanks Jennifer and Varun.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card