Cisco ASA upgrade to 8.3 is there a utility to run the config through to test the NAT changes?

I'm running 8.2 on my ASAs now and I'd like to install 8.3, but I'm nervous about doing so with the new NAT changes.  Is there a utility that I can run my config through to see what the output will be when 8.3 reconfigures it and also if there will be any errors?  That would make me feel much better about the upgrade.
jpletcher1Asked:
Who is Participating?
 
Hilal1924Commented:
Hi IPLetcher:

I don't think you need to worry too much. The NAT-Control Command is no longer supported and neither is the global/translated IP for NAT. All you need to do is follow the below article and everything should turn out to be fine.

https://supportforums.cisco.com/docs/DOC-12690

There is a firewall migration tool avialable from cisco which is only available to Customers with valid CSO account. Try that if you have an account on Cisco.

Best Of Luck,

Hilal
0
 
jpletcher1Author Commented:
Thanks, I do have a Cisco account.  Can you send me the link to the tool?  Is it just a tool for PIX to ASA or Other Firewall to ASA migrations?  Or can you use it for seeing what would happen when upgrading from one Cisco IOS to a newer IOS?
0
 
Istvan KalmarHead of IT Security Division Commented:
Please refer this page:

http://www.petenetlive.com/KB/Article/0000247.htm
If you upgrading ASA automatically convert the commands to the new image!
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
jpletcher1Author Commented:
I do understand that the upgrade will take care of the changes in syntax for me.  I do know though that there can be hangups during an upgrade if there are problems with the 8.3 upgrade not being able to fully translate.  So I was hoping to run my exising 8.2 config through a utility or something and see what the 8.3 output would be, and if there would be any errors.
0
 
Istvan KalmarHead of IT Security Division Commented:
I've found a problem:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/A_3938-ASA-8-2-to-8-3-nonat-migration-probem.html


If you feel there is a migration problem after hardware upgrade, view the errors with:
hostname# show startup-config errors
0
 
Hilal1924Commented:
Yes I agree  the issues that you face while migrating can be only related with Nat Control and Object Model. While these errors do not bring down your configuration they can be very severe when trying to figure out where the problem is. So it is better to understand the new changes in ASA and then Migrating. And Also please follow the link that I posted in my first comment.
0
 
jpletcher1Author Commented:
Thanks guys, I will go off the articles and keep my fingers crossed.  I have an active and standby unit, so it shouldn't be too risky to update one and see how it goes before I do the other.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.