10-25-2013 06:55 AM - edited 03-11-2019 07:56 PM
Hello,
We have an ASA 5550 in a old version (7.2(4)) and we want to update it. How should I choose the version that I will update to?
Is it recommended to update to the last version available?
Here is the show version from the equipment:
Cisco Adaptive Security Appliance Software Version 7.2(4)
Device Manager Version 5.2(4)
Compiled on Sun 06-Apr-08 13:39 by builders
System image file is "disk0:/asa724-k8.bin"
Config file at boot was "startup-config"
X up 4 years 178 days
failover cluster up 4 years 178 days
Hardware: ASA5550, 4096 MB RAM, CPU Pentium 4 3000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CNlite-MC-Boot-Cisco-1.2
SSL/IKE microcode: CNlite-MC-IPSEC-Admin-3.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is X, irq 9
1: Ext: GigabitEthernet0/1 : address is X, irq 9
2: Ext: GigabitEthernet0/2 : address is X, irq 9
3: Ext: GigabitEthernet0/3 : address is X, irq 9
4: Ext: Management0/0 : address is X, irq 11
5: Int: Internal-Data0/0 : address is X, irq 11
6: Int: Not used : irq 5
7: Ext: GigabitEthernet1/0 : address is X, irq 255
8: Ext: GigabitEthernet1/1 : address is X, irq 255
9: Ext: GigabitEthernet1/2 : address is X, irq 255
10: Ext: GigabitEthernet1/3 : address is X, irq 255
11: Int: Internal-Data1/0 : address is X, irq 255
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 250
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 5000
WebVPN Peers : 2
This platform has an ASA 5550 VPN Premium license.
Regards,
Claudio
Solved! Go to Solution.
10-25-2013 07:00 AM
Hello Claudio,
It is always good to be at the last available OS image but you first must check the release notes for known bugs, etc.
My recommendation is go to a higher version than 8.3 (I would go to the 9.x track where you have a plenty of features that will let you protect your network and optimize your network).
By the way you have an amazing box (5550) take as much as possible from that device
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
10-25-2013 07:00 AM
Hello Claudio,
It is always good to be at the last available OS image but you first must check the release notes for known bugs, etc.
My recommendation is go to a higher version than 8.3 (I would go to the 9.x track where you have a plenty of features that will let you protect your network and optimize your network).
By the way you have an amazing box (5550) take as much as possible from that device
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
10-25-2013 07:14 AM
And in addition to Julios advice (9.x is a great release also in my opinion): You should be aware that you have to upgrade in a couple of small steps so that the config can be migrated. I would first upgrade to the latest 8.0 release and then to the latest 8.2. That should go really smooth. The next upgrade to 8.4 will need many manual corrections for the NAT-migration as the automatic migration has never worked well for my ASAs and I have never heard that anyone was happy with the result of the automatic migration. After that, the last step to the latest v9 will again run quite smooth.
But as usual, read the release-notes to be aware of problems that are specific to your environment.
Sent from Cisco Technical Support iPad App
10-25-2013 08:05 AM
Thanks for the answers Julio and Karsten
10-25-2013 08:11 AM
Hello Claudio,
Our pleasure to help,
If you do not have any other question please mark it as answered.
Rate all of the helpful posts!!!
Regards,
Jcarvaja
Follow me on http://laguiadelnetworking.com
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide