I'm interested in trying out version 8 on an ASA - does anyone have any comments on how much risk there would be in upgrading a remote ASA to ver 8 from 7.24? I have three standard site to site VPN's; two to PIX's running 6.35 and one to a router running 12.4 - I also have a few people connecting with the Cisco client.
Really what I am asking is are there any changes to syntax or anything else I'd need to fix prior to upgrading the running image? What are the chances I'd lose ssh access to the device?
My opinion.. you should no loose any configuraiton that is currently running on 7.2, I upgraded to this version from 7.2 for the need of eigrp support and did not loose ssh access from the inside interface nor I lost RA vpn configuration, I would not suspect l2l configuration would be lost but cannot speak for this portion as I did not have at the time l2l configs , my upgrade was conducted local where I could reach the firewall in the event of failures.
How remote is remote? In any case, I would suggest that you go over the upgrade notes if you happen to be upgrading to the latest version 803, cisco is very good at noting risks , look at the caveats resolved and unresolved , the cli syntax remains other than new commands added based on the new added features on version 803 that 7.2 does not have.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...