1. We are about upgrading our PIX 515E/ failover pair from 7.04 to 8.0x. but not sure which release has been tested and confirmed to be the most stable. I want to know which is the best version to upgrade to.
1. If there is no 8.0x versions very stable at the moment, is 7.2 ok? Is there any 7.2 version i should chose in prefernce for other?
All the memory/flash requirements are ok on my pix
Thanks for your response. I have seen other peoples comment about some services not working properly after upgrading to 8.0x. Our Network is quite large and would not want to risk any service failure or struggling to get some services to work after the upgrade. Is there anything you think I should be aware of, prior to this upgrade you suggested?
Peter you have to plan this out for sure with a 'downgrade plan' incase the need arises. One particular bug is with VPNs going down after upgrading to 8.x (this is with regards to compression being enabled by default or something). Some stuff works better in 7.x and other works better in 8.x. If you have multiple firewalls make sure you test one out, and if possible test it out first one one of the less critical boxes you have.
yes I will plan out things as adviced. With regards to compression enabled by default in 8.0x, I have all my VPN terminated on a VPN concentrator and the Concentrator is connected to the PIX dmz I wil be upgrading. Will this still have any effect on the VPN?
Thanks for your advice. i have upgraded the PIX through ver7.04->7.24->8.04 and all seems to be working fine. I had a few issues with sqlnet which did not work after upgrade to 8.04 but had to turn off sqlnet inspection on the firewall.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :