asked on
How can I upgrade my ASA production firewall with minimum down time?
I currently have in production an ASA 5510 (200 users). Its running ver 8.2(5)48.
I have already purchased and received my new firewall ASA 5512 ver 9.2(2)4 and I have have the FirePOWER e-license and all the needed software for the new box.
I anticipate several layers involved with my project; IOS, ACLS,NAT Tables, and more. I also understand Source fire software will need to run in a virtual environment.
Is there a documented step by step process? Can someone point me to the most specific resource that will at least outline the most critical steps and most common mistakes?
Thank you!
K
I have already purchased and received my new firewall ASA 5512 ver 9.2(2)4 and I have have the FirePOWER e-license and all the needed software for the new box.
I anticipate several layers involved with my project; IOS, ACLS,NAT Tables, and more. I also understand Source fire software will need to run in a virtual environment.
Is there a documented step by step process? Can someone point me to the most specific resource that will at least outline the most critical steps and most common mistakes?
Thank you!
K
Network SecurityCiscoHardware Firewalls
Last Comment
Ken Boone
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
There was a change in the way proxy arp was handled or the default settings changed somewhere along the way.. but I think that was in 8.4. I can't remember. The one thing to keep in mind is that when you swap the ASA out if you had devices with public NAT statements, the router on the outside of the firewall will need to have its arp cache flushed. So if you can reach the internet from normal clients but folks are telling you they can't reach your server that is Natted, it is probably an ARP issue on the device on the outside of your firewall.
Good luck.
Good luck.
Great Job!
just what I needed to know! Also When I upgrade to 8.3 should I anticipate issues after I reload?