Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA downgrade from 8.3 to 8.2

Hi,

I want to downgrade my test ASA box from 8.3(2) to 8.2(2)16. I have gone through cisco doc  to know the downgrade command etc.

http://www.cisco.com/en/US/docs/security/asa/asa83/upgrading/migrating.html#wp72161

I also understand the configuration changes which will happen after I downgrade.

I don't  understand the effect of downgrade on activation keys and licenses as I am quite new to cisco ASA product line.

Can some ASA expert help me in understanding how the licenses and activation keys will be affected as a result of downgrading?

Here is an output from "show version":

Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual

Maximum VLANs                  : 100            perpetual

Inside Hosts                   : Unlimited      perpetual

Failover                       : Active/Active  perpetual

VPN-DES                        : Enabled        perpetual

VPN-3DES-AES                   : Enabled        perpetual

Security Contexts              : 2              perpetual

GTP/GPRS                       : Disabled       perpetual

SSL VPN Peers                  : 2              perpetual

Total VPN Peers                : 250            perpetual

Shared License                 : Disabled       perpetual

AnyConnect for Mobile          : Enabled        perpetual

AnyConnect for Cisco VPN Phone : Disabled       perpetual

AnyConnect Essentials          : Enabled        perpetual

Advanced Endpoint Assessment   : Disabled       perpetual

UC Phone Proxy Sessions        : 2              perpetual

Total UC Proxy Sessions        : 2              perpetual

Botnet Traffic Filter          : Disabled       perpetual

Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

Serial Number: JMX1040K08X

Running Permanent Activation Key: 0x150fc441 0x302a5c0d 0x55d0ad38 0xdd94d428 0x0b39e396

Configuration register is 0x1

Configuration last modified by enable_15 at 04:10:14.411 UTC Tue May 29 2012

PS: I rate useful posts.

Thanks,

Kashish

Everyone's tags (5)
3 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

ASA downgrade from 8.3 to 8.2

There won't be any affect by downgrading the ASA from 8.3 to 8.2 as most of your license are default license except the AnyConnect Essentials and AnyConnect for Mobile license.

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

If you have standalone ASA, then there is nothing to worry about.

If you have Active/Standby ASA, then you would need to check if your other ASA has the AnyConnect Essentials and AnyConnect Mobile license as well. If you don't, then the failover will get disabled. For version 8.2 and below, for failover to work, you would need to have the same license on both ASA. For version 8.3 and above, you don't have to have the same license on both ASA, and failover will work.

Hope that helps.

Red

ASA downgrade from 8.3 to 8.2

Hi Kashish,

eith you downgrade or upgarde, it never affects the license or keys of the ASA, they would remain the same. Everything would work fine.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
Cisco Employee

ASA downgrade from 8.3 to 8.2

Yes, you are right. Everything should work fine including licenses and keys.

5 REPLIES
Cisco Employee

ASA downgrade from 8.3 to 8.2

There won't be any affect by downgrading the ASA from 8.3 to 8.2 as most of your license are default license except the AnyConnect Essentials and AnyConnect for Mobile license.

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

If you have standalone ASA, then there is nothing to worry about.

If you have Active/Standby ASA, then you would need to check if your other ASA has the AnyConnect Essentials and AnyConnect Mobile license as well. If you don't, then the failover will get disabled. For version 8.2 and below, for failover to work, you would need to have the same license on both ASA. For version 8.3 and above, you don't have to have the same license on both ASA, and failover will work.

Hope that helps.

New Member

ASA downgrade from 8.3 to 8.2

Hi Jennifer,

Thanks for replying.

>>

One question that i have is are you running Active/Standby failover on the ASA, or you just have a standalone ASA?

My unit is a standalone unit.

So even if I downgrade to 8.2 , everything should work fine right (including licenses and keys)?

Thanks,

Kashish

Red

ASA downgrade from 8.3 to 8.2

Hi Kashish,

eith you downgrade or upgarde, it never affects the license or keys of the ASA, they would remain the same. Everything would work fine.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
Cisco Employee

ASA downgrade from 8.3 to 8.2

Yes, you are right. Everything should work fine including licenses and keys.

New Member

ASA downgrade from 8.3 to 8.2

Thanks Jennifer and Varun.

4044
Views
0
Helpful
5
Replies
CreatePlease to create content