• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 523
  • Last Modified:

I'm currently running 7.2(2) code. Whats the news on upgrading to 8.0.3

Whats the news on upgrading to 8.0.3?  Are folks waiting till more bugs get worked out or does it seem stable enough.  I've got a ton of VPN clients and a few L2TP clients.  Just wanted to check the news before/if I upgrade.
0
Surefoot3
Asked:
Surefoot3
  • 3
  • 2
  • 2
1 Solution
 
paul-adamCommented:
Im quite happy with it - been using it in production at about 5 or 6 client sites - no major complaints....plus the SSL VPN/portal stuff is very cool as well

the upgrade process is so easy as well (much easier and quicker that the v6 to 7 upgrade was on the old pix 515e) - Just upload the file - point at the new ASA image and reboot!
(dont forget your ASDMv6.0(3) image as well)

As ever though - Check the release notes for the specific known issues in case there is one that affects you directly (its quite a big list)

Cheers

Paul
0
 
Surefoot3Author Commented:
Yeah... I upgraded and haven't heard of any issues yet.  Of course its only been 1 day.
0
 
Surefoot3Author Commented:
Yeah... I upgraded and haven't heard of any issues yet. Of course its only been 1 day.
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
paul-adamCommented:
Typically, just after me posting our message we have run into one issue - although I dont know as yet whether it might be hardware or software related (and of course whether it will apply to you.)

We have our ASA running IPSec and SSL vpn's with RADIUS authentication from our Active Directory.

We started getting calls that nobody could connect to either of the VPN's and noticed that we were getting a Memory Allocation error whilst the ASA was trying to construct a VPN tunnel - A quick reboot of the ASA resolves it - which isnt ideal.

This has happened twice now, so Im going to raise a Cisco TAC case and see what they say.

Im wondering if this is maybe a hardware fault though as this issue hasnt cropped up anywhere else where we have upgraded clients ASA's to 8.0(3).
0
 
elmtree_support_teamCommented:
Hi Paul,
I'm experiencing the same problem at a customer site.  IPSec stops working, but also outbound FTP connections fail.  I'm wondering if this is a hardware fault, it usually takes 2 weeks to occur and I notice the RAM usage is at the same level each time (205MB).  No other sites have experienced this issue.
How did you get on with your support case?   I'm waiting to hear back from TAC.
Cheers,
Luke
0
 
paul-adamCommented:
Hi Luke,

Im not as sure as I was that this is a hardware issue - It hasnt happened to me again (yet!) so I havent been able to gather more troubleshooting info.

After thinking about it Im going to look at checking how many xlates I have in use and to see what other things might be using a considerable amount of memory.

I think it is simply just running out of available memory for some reason (again, possibly a bug in the OS code???) but I want to have a dig to see if I can work out whats going on before raising the TAC call (as Cisco will just lead me down a lengthy troubleshooting path if I dont have more info first).

How busy is your firewall - Ours has about 40 internal users on the inside and about 5 or 6 users connect over VPN.

Will wait and see what I find next time it goes belly up and I will keep you posted.

Cheers

Paul

0
 
elmtree_support_teamCommented:
Thanks Paul,
The firewall isn't terribly busy - 1% CPU, 205MB RAM.  There's about 40 users, but most of them use Skype, messenger programs, and even peer2peer programs for downloading binaries.  xlates is about 500 when it happens - which really isn't that many for a 5510.  
The other thing is that it doesn't correct itself when the xlates reduce over night.
Also, this ASA was running perfectly for about 5 months on 8.0(2) before this problem first occured.  It then happened 2 days later, then 2 weeks after upgrading to 8.0(3).

Cheers,
Luke
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now