I have a pair of asa5520's in active/standby configuration. I plan on ugrading the asa/asdm images to 8.4 shortly (currently on 8.0) and would like to do this with zero downtime. Specifically, I would like to upload the new software to the standby unit, upgrade it, swap standby/active units and then upgrade what will become the standby after the swap.
The problem I'm having is getting the new images uploaded onto the standby unit. I've read that the routing table is not shared from the primary and the USB ports are "for future use". I have no problem uploading the new images to the active unit via tftp...but can't do the same to the standby.
In a nut shell, how can I upload new images to the standby unit?
You can download the image to a laptop, then connected directly to an interface on the Secondary unit and try to do it, you can set the stand by unit as active while doing this and then as soon as you have the image on the secondary ASA, just select the primary unit as the active again.
Do you understand my point here??
Julio Carvajal Senior Network Security and Core Specialist CCIE #42930, 2xCCNP, JNCIP-SEC
I understand what you’re saying, I guess I just have one question. We use this ASA as a VPN concentrator, when swapping the units from active to standby and vice-versa, are end connected into it dropped? If they aren’t then I could just make the swap at any time and be able to tftp normally.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...