• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6069
  • Last Modified:

Cisco ASA upgrade to 8.3 is there a utility to run the config through to test the NAT changes?

I'm running 8.2 on my ASAs now and I'd like to install 8.3, but I'm nervous about doing so with the new NAT changes.  Is there a utility that I can run my config through to see what the output will be when 8.3 reconfigures it and also if there will be any errors?  That would make me feel much better about the upgrade.
0
jpletcher1
Asked:
jpletcher1
  • 3
  • 2
  • 2
2 Solutions
 
Hilal1924Commented:
Hi IPLetcher:

I don't think you need to worry too much. The NAT-Control Command is no longer supported and neither is the global/translated IP for NAT. All you need to do is follow the below article and everything should turn out to be fine.

https://supportforums.cisco.com/docs/DOC-12690

There is a firewall migration tool avialable from cisco which is only available to Customers with valid CSO account. Try that if you have an account on Cisco.

Best Of Luck,

Hilal
0
 
jpletcher1Author Commented:
Thanks, I do have a Cisco account.  Can you send me the link to the tool?  Is it just a tool for PIX to ASA or Other Firewall to ASA migrations?  Or can you use it for seeing what would happen when upgrading from one Cisco IOS to a newer IOS?
0
 
Istvan KalmarCommented:
Please refer this page:

http://www.petenetlive.com/KB/Article/0000247.htm
If you upgrading ASA automatically convert the commands to the new image!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
jpletcher1Author Commented:
I do understand that the upgrade will take care of the changes in syntax for me.  I do know though that there can be hangups during an upgrade if there are problems with the 8.3 upgrade not being able to fully translate.  So I was hoping to run my exising 8.2 config through a utility or something and see what the 8.3 output would be, and if there would be any errors.
0
 
Istvan KalmarCommented:
I've found a problem:
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/A_3938-ASA-8-2-to-8-3-nonat-migration-probem.html


If you feel there is a migration problem after hardware upgrade, view the errors with:
hostname# show startup-config errors
0
 
Hilal1924Commented:
Yes I agree  the issues that you face while migrating can be only related with Nat Control and Object Model. While these errors do not bring down your configuration they can be very severe when trying to figure out where the problem is. So it is better to understand the new changes in ASA and then Migrating. And Also please follow the link that I posted in my first comment.
0
 
jpletcher1Author Commented:
Thanks guys, I will go off the articles and keep my fingers crossed.  I have an active and standby unit, so it shouldn't be too risky to update one and see how it goes before I do the other.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now