Two recently purchased ASA5520-K9 vere delivered to us with software v7.0(7).
We have successfully configured them and finally updated to the latest release of the v7.0.x i.e. v7.0.(8).
The ASA5520 with v7.08 are not yet in the PROD environment but they have been validated as stable during the testing and acceptance phase. Fianlly we would like to integrate them in our CiscoWorks LMS v3.1 but the the LMS requires ASA5520 to be at least at the v7.2.1.
We would like to know now if it is worth moving the ASA5520 to v7.2.x only for the sake of having them integrated in the LMS v3.1, if v7.08 is stable and seems somehow less vulnerable to security breaches then releases 7.2.x?
Briefly, can someone please explain what are benefits in general of moving ASA 5520 from v7.08 to v7.2.x or perhaps even to v8.x?
After having witnessed several cases of instability with the 7.1.x/7.2.x and 8.x code I would recommened to stay at 7.0(8) unless you need a feature that is not available in your current release (like hairpinning,l2tp,advanced ssl,some inspections etc.).
For some things its highly recommended to go to 8.x. We just had a case this weekend with a customer running IPSEC over GRE (with IPSEC on the ASA). The tunnels would just drop randomly, we had a tac engineer have us upgrade to 8.0(4) and all is well so far.
The tunnel line protocol is down. The ASA is placed between the two routers and the gre tunnel is configured on both routers. Tunnel destination on both ends are able to ping each other but tunnel IPs cant ping each other. Also tunnel line protocol is down i have allowed gre on ASA from outside to inside. Kindly give me suggestions its very urgent.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :