amigan_99
asked on
Cisco ASA 5510 Pair Upgrade 8.21->8.47->9.14 Proxy Phones and VPN Tunnels
I am planning to upgrade my 5510 ASA pair as described in the subject. I am hoping to use the procedure at this petenetlive URL..
http://www.petenetlive.com/KB/Article/0000733.htm
A few concerns.
Will upgrading from 8.21 to 8.47 and then 8.47 to 9.14 be a good sequence?
Is there any risk to the functionality of my CIsco Proxy phones? I have about 20 deployed around the country and I am concerned that the upgrade could leave some sales reps without phone service if there's an incompatibility. Any issues to consider there??
Is there any risk to a VPN tunnel to another ASA 5510 pair which is still using 8.21? That would likewise be very bad
if after the upgrade I could no longer get to the remote site. Anything need to be reconfigured on either side after the upgrades?
http://www.petenetlive.com/KB/Article/0000733.htm
A few concerns.
Will upgrading from 8.21 to 8.47 and then 8.47 to 9.14 be a good sequence?
Is there any risk to the functionality of my CIsco Proxy phones? I have about 20 deployed around the country and I am concerned that the upgrade could leave some sales reps without phone service if there's an incompatibility. Any issues to consider there??
Is there any risk to a VPN tunnel to another ASA 5510 pair which is still using 8.21? That would likewise be very bad
if after the upgrade I could no longer get to the remote site. Anything need to be reconfigured on either side after the upgrades?
Why you wanna upgrade ?
ASKER
The primary issue is that I need to apply an upgrade license to accommodate more proxy phones. I'm at 20 or 24. I purchased the upgrade I think to 48 phones. But when I got it I realized it was only associated with the primary member of the pair. I was told that if I upgraded to 8.4 or beyond that the proxy phone license then works for both primary and the secondary unit. If I apply the upgrade license to the primary and at some point it went out - then some of my remote users would be unhappy. But if you see a flaw in my logic I'm all ears.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Pete! I'm getting close on my change doc. I'm still worried about the proxy phone operation. That will cause a major ruckus if that stops working. What I think I'll do is..
>Reboot the failover after upgrade.
5510-1 (config)# failover reload-standby
..And then I will test all of the functionality including the proxy phone operation. If all is good then I reload and activate the primary.
If anything's amiss then I can simply take the secondary ASA offline, verify that the bootvar on primary remains as the original and activate it at pre-upgrade level.
>Reboot the failover after upgrade.
5510-1 (config)# failover reload-standby
..And then I will test all of the functionality including the proxy phone operation. If all is good then I reload and activate the primary.
If anything's amiss then I can simply take the secondary ASA offline, verify that the bootvar on primary remains as the original and activate it at pre-upgrade level.
Sounds like a plan :)
ThanQ
ThanQ