Getting ready to upgrade a ASA 5520 from 7.2 code to 8.x, all because of the IPS module needs to be upgraded from 6.1 to 7.x.
(1) Should I expect a smooth upgrade (from 7.2 to 8.x) on the ASA box? Anyone runs into problem, gotcha kind of thing? ANy problem on the config file not being converted correctly?
(2) For the IPS part, do you or do you not to use the upgrade command within the IPS module? From the IPS's doc. it says to use the upgrade command. From ASA's doc. it says to use: hw-module command. If I understand this correctly, by using hw-module command to upgrade the IPS from within the ASA, it would wipe my IPS config file.Don't want to do that if I can help it.
ASA code upgrade is straight forward - I have upgraded from that version to 8.0, and 8.2 with no issues , however all networks are not the same. You may wan to read release notes open caveats for the code you are upgrading to . Read those notes it helps .. you may also do a simple search in the upper right corner furum window box on ASA 8.0 upgrade problems to read others posts on the subject..
Also remember to upgrade your ASDM image for that code .
Before all above you know it!! back up your 7.x config , you may keep 7.x code in disk0 and old asdm image in case you need to go back , just change boot statement for new code and point asdm to correct image, generaly upgrade should be fine..
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...