Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Major changes - migrating from 8.4(4)9 to 9.1.3

Hello All!

I am planning to do the migration from our ASA 5510 over to 5545X.

Old ASA runs 8.4(4)9 and new one runs 9.1.3. I am wondering what the major changes are and what should I be paying major attention to.

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Major changes - migrating from 8.4(4)9 to 9.1.3

No, the parser will modify the existing access-lists as necessary.

As noted in the 9.0 release notes, the old "any" keyword will be changed to "any4". ("any" now means any ipv4 or ipv6). That change applies for 9.1 as well.

6 REPLIES
Hall of Fame Super Silver

Major changes - migrating from 8.4(4)9 to 9.1.3

Being on 8.3+ already means you've already  passed the biggest changes - the NAT syntax one.

I'd say the next bigest one moving up to 9.x is uinfied access-list (ipv4 and ipv6). If you're not currently using ipv6 that's mostly a non-event for you.

Other than that, it's mostly new features that you be able to take advantage of. (and bug fixes too )

VIP Green

Major changes - migrating from 8.4(4)9 to 9.1.3

There are no major changes.  Have a look at this link to get an idea of the new features.

http://www.cisco.com/en/US/docs/security/asa/asa91/release/notes/asarn91.html#wp586890

--

Please rate all helpful posts

--

Please remember to rate and select a correct answer
New Member

Major changes - migrating from 8.4(4)9 to 9.1.3

I am not using ipv6.

Does it meant that I need to change my existing access-lists somehow to accomodate them into the new software?

Hall of Fame Super Silver

Major changes - migrating from 8.4(4)9 to 9.1.3

No, the parser will modify the existing access-lists as necessary.

As noted in the 9.0 release notes, the old "any" keyword will be changed to "any4". ("any" now means any ipv4 or ipv6). That change applies for 9.1 as well.

New Member

Major changes - migrating from 8.4(4)9 to 9.1.3

Thanks Marvin,

Can I continue using "any" (implying ipv4+ipv6) if I dont have ipv6 addresses in any of my ASA interfaces?

Or ACL will be processing IPv6  traffic even if no IPV6 addresses configured?

Hall of Fame Super Silver

Major changes - migrating from 8.4(4)9 to 9.1.3

You're welcome.

You can continue with the "any" keyword.

As far as I know, if there's no IPv6 address configured on the interface, the ASA will not "see" any IPv6 traffic.

194
Views
0
Helpful
6
Replies
CreatePlease login to create content