I'm currently running 7.2(2) code. Whats the news on upgrading to 8.0.3

Whats the news on upgrading to 8.0.3?  Are folks waiting till more bugs get worked out or does it seem stable enough.  I've got a ton of VPN clients and a few L2TP clients.  Just wanted to check the news before/if I upgrade.
Surefoot3Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

paul-adamCommented:
Im quite happy with it - been using it in production at about 5 or 6 client sites - no major complaints....plus the SSL VPN/portal stuff is very cool as well

the upgrade process is so easy as well (much easier and quicker that the v6 to 7 upgrade was on the old pix 515e) - Just upload the file - point at the new ASA image and reboot!
(dont forget your ASDMv6.0(3) image as well)

As ever though - Check the release notes for the specific known issues in case there is one that affects you directly (its quite a big list)

Cheers

Paul
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Surefoot3Author Commented:
Yeah... I upgraded and haven't heard of any issues yet.  Of course its only been 1 day.
0
Surefoot3Author Commented:
Yeah... I upgraded and haven't heard of any issues yet. Of course its only been 1 day.
0
Redefining Cyber Security w/ AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Join our webinar on Sept. 21st to learn more about leveraging AI and machine learning to protect your business.

paul-adamCommented:
Typically, just after me posting our message we have run into one issue - although I dont know as yet whether it might be hardware or software related (and of course whether it will apply to you.)

We have our ASA running IPSec and SSL vpn's with RADIUS authentication from our Active Directory.

We started getting calls that nobody could connect to either of the VPN's and noticed that we were getting a Memory Allocation error whilst the ASA was trying to construct a VPN tunnel - A quick reboot of the ASA resolves it - which isnt ideal.

This has happened twice now, so Im going to raise a Cisco TAC case and see what they say.

Im wondering if this is maybe a hardware fault though as this issue hasnt cropped up anywhere else where we have upgraded clients ASA's to 8.0(3).
0
elmtree_support_teamCommented:
Hi Paul,
I'm experiencing the same problem at a customer site.  IPSec stops working, but also outbound FTP connections fail.  I'm wondering if this is a hardware fault, it usually takes 2 weeks to occur and I notice the RAM usage is at the same level each time (205MB).  No other sites have experienced this issue.
How did you get on with your support case?   I'm waiting to hear back from TAC.
Cheers,
Luke
0
paul-adamCommented:
Hi Luke,

Im not as sure as I was that this is a hardware issue - It hasnt happened to me again (yet!) so I havent been able to gather more troubleshooting info.

After thinking about it Im going to look at checking how many xlates I have in use and to see what other things might be using a considerable amount of memory.

I think it is simply just running out of available memory for some reason (again, possibly a bug in the OS code???) but I want to have a dig to see if I can work out whats going on before raising the TAC call (as Cisco will just lead me down a lengthy troubleshooting path if I dont have more info first).

How busy is your firewall - Ours has about 40 internal users on the inside and about 5 or 6 users connect over VPN.

Will wait and see what I find next time it goes belly up and I will keep you posted.

Cheers

Paul

0
elmtree_support_teamCommented:
Thanks Paul,
The firewall isn't terribly busy - 1% CPU, 205MB RAM.  There's about 40 users, but most of them use Skype, messenger programs, and even peer2peer programs for downloading binaries.  xlates is about 500 when it happens - which really isn't that many for a 5510.  
The other thing is that it doesn't correct itself when the xlates reduce over night.
Also, this ASA was running perfectly for about 5 months on 8.0(2) before this problem first occured.  It then happened 2 days later, then 2 weeks after upgrading to 8.0(3).

Cheers,
Luke
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.