Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA5510 firmware upgrade for Active/Standby set up

Hi All,

I wish to upgarde a redundant pair of firewalls in a maintenance window. Downgtime is not an issue during two hour window.

We wish to upgrade from 7.2 to 8.3. Is it safe to download 8.x image to 5510s, set up boot system flash:/newimage, boot system flash:/oldimage and then reload the firewalls? I can certainly also failover to secondary and then uograde primary and then revert back control to primary and then upgrade secondary, but not sure if I need to migrate from 7.2 to something like 7.9 and then 8.0 and 8.3 for each firewall. I tried to do some research on Cisco docs, but I could not find answer, though I am sure it is buried somewhere.

Please advise.

Thanks a lot.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Re: ASA5510 firmware upgrade for Active/Standby set up

What is the reason to go to 8.3? Are you looking for new features?

If you want to upgrade just because the new code is available, then I'd like to suggest to go to 8.2.

8.3 has memory requirements for all platform. There have been many changes in the NAT is configured.

You can read in the release notes here: http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

-KS

Community Member

Re: ASA5510 firmware upgrade for Active/Standby set up

hi

For zero downtime , ensure to upgrade from version 7.2 -> 8.0 -> 8.2 , if the same is done within a downtime then 7.2 -> 8.2 cane be done directly

4 REPLIES
Cisco Employee

Re: ASA5510 firmware upgrade for Active/Standby set up

What is the reason to go to 8.3? Are you looking for new features?

If you want to upgrade just because the new code is available, then I'd like to suggest to go to 8.2.

8.3 has memory requirements for all platform. There have been many changes in the NAT is configured.

You can read in the release notes here: http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

-KS

Community Member

Re: ASA5510 firmware upgrade for Active/Standby set up

Thanks KS for your advice. The reason to upgrade is PCI compliance for two factor authentication, which is supported on 8.x.

I agree if 8.3 requires a ton of additonal DRAM, then 8.2.x will do for our application. And as I indicated, down time is not an issue, in that case, do you forsee any issues in downloading 8.2.x code and then reload the firewall. Hopefully there is nothing like boot rom upgrade that requires intermediate code?

Thanks again.

Community Member

Re: ASA5510 firmware upgrade for Active/Standby set up

hi

For zero downtime , ensure to upgrade from version 7.2 -> 8.0 -> 8.2 , if the same is done within a downtime then 7.2 -> 8.2 cane be done directly

Community Member

Re: ASA5510 firmware upgrade for Active/Standby set up

Thanks Ankurs for your advice. I am planning to do it over this weekend for direct upgrade to 8.2.2.

1541
Views
0
Helpful
4
Replies
CreatePlease to create content