Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Two recently purchased ASA5520-K9 vere delivered to us with software v7.0(7).

We have successfully configured them and finally updated to the latest release of the v7.0.x i.e. v7.0.(8).

The ASA5520 with v7.08 are not yet in the PROD environment but they have been validated as stable during the testing and acceptance phase. Fianlly we would like to integrate them in our CiscoWorks LMS v3.1 but the the LMS requires ASA5520 to be at least at the v7.2.1.

We would like to know now if it is worth moving the ASA5520 to v7.2.x only for the sake of having them integrated in the LMS v3.1, if v7.08 is stable and seems somehow less vulnerable to security breaches then releases 7.2.x?

Briefly, can someone please explain what are benefits in general of moving ASA 5520 from v7.08 to v7.2.x or perhaps even to v8.x?

Thanks in advance.

6 REPLIES
Silver

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Pros reason for moving to 7.2 or 8.x:

- more features than v7.0.8 such as hair-pinning

and other stuffs,

Cons reason for moving to 7.x or 8.x:

- more bugs and in-stability issues.

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

After having witnessed several cases of instability with the 7.1.x/7.2.x and 8.x code I would recommened to stay at 7.0(8) unless you need a feature that is not available in your current release (like hairpinning,l2tp,advanced ssl,some inspections etc.).

For some things its highly recommended to go to 8.x. We just had a case this weekend with a customer running IPSEC over GRE (with IPSEC on the ASA). The tunnels would just drop randomly, we had a tac engineer have us upgrade to 8.0(4) and all is well so far.

Regards

Farrukh

New Member

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Thanks a lot to all for your precious input.

New Member

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Hi

The tunnel line protocol is down. The ASA is placed between the two routers and the gre tunnel is configured on both routers. Tunnel destination on both ends are able to ping each other but tunnel IPs cant ping each other. Also tunnel line protocol is down i have allowed gre on ASA from outside to inside. Kindly give me suggestions its very urgent.

thanks,

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Did you solve your issue Uzman?

Regards

Farrukh

New Member

Re: ASA 5520 with sw v7.0.8 vs. v7.2.x vs. v8.x

Hi Farrukh,

Yes i have solved the issue. It was due to HSRP is running on inside vlan of ASA and that HSRP IP needs to be NAT on ASA in order to establish GRE tunnel.

Thanks & regards,

Uzman.

Note: Give me your MSN ID so we will keep in touch. Add me uzman_hassan@hotmail.com

256
Views
0
Helpful
6
Replies
CreatePlease to create content