Cisco ASA 5510 - migration problems from ASA 8.0.2 --> 8.3.2

I am trying to upgrade the ASA.  The newer version of ASA is 8.3.2.

I loaded a 2nd ASA 5510 with the new ASA software and then applied the running config from my production 5510, which is running 8.0.2.

Now I have no NAT Rules...  Is there a way to migrate the existing rules into the newer ASA software?  After this is resolve, I could really use more help getting these firewalls setup...

I can include the configs in private e-mail if necessary...
Who is Participating?
Jimmy Larsson, CISSP, CEHConnect With a Mentor Network and Security consultantCommented:
Read the release notes for 8.3, it says that you should upgrade to 8.2 prior to 8.3. The upgrade-gap between 8.0 and 8.3 is to big for the upgrade-script to handle.

Talon0926Author Commented:
In going from 8.0.2 to 8.2 - what method of upgrade is most reliable?  Using ASDM or...
it doesn't matter how you get the file on there, reload the asa at the software level of your production asa, with a copy of your production config on, then reload at the intermediate stage an it will upgrade the config, then reload again at the final one and it will upgrade it again
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

ArneLoviusConnect With a Mentor Commented:
for clarity, you can have multiple ASA images on the ASA at the same time

The ASA will upgrade the automatically when it loads

load all three images, but set it to boot from 8.0.2

copy on your config and reload the ASA, check that the config is still correct

set the ASA to boot from 8.2 and reload it, when it reloads the config will be upgraded to 8.2, check that the config is still correct

set the ASA to boot from 8.3.2 and reload it, when it reloads the config will be upgraded to 8.3.2, check that the config is still correct

your only issue is that to do this with your exact config, you'll have to set-up a "lab" environment as it will have the same network address as your production ASA...

Talon0926Author Commented:
I will try the migration path suggested by Arne.  For now I will accept that reply and close the ticket.  I was also recently told by a Cisco engineer that 8.3.2 takes more memory.  So, for now, I will stay at the 8.0.x release...  
Jimmy Larsson, CISSP, CEHNetwork and Security consultantCommented:
Yes, the memory requirements are higher, that is another reason for you to read the release notes before upgrading.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.