Install and Use a TFTP ServerĪddress or name of remote host ? 10.0.0.127ĭestination filename ? asa911-k8.binĪccessing t. If you have an An圜onnect XML profile take a backup of that also (I’ve seen them disappear).
First you need to upload the software to the flash memory on BOTH firewalls, you can either connect to the ASA via command line and TFTP them there, or connect to the ASDM and upload them from your PC/Laptop. I’ve never had a problem HOWEVER, DO NOT ATTEMPT an upgrade until you have a good backup of the config.ġ.
When we start, the primary firewall is the active firewall. In this example, I’m going to upgrade both the firewalls from 8.4(5) to 9.1(1), and the ASDM from version 7.1(1) to 7.1(1)-52. To get updates from Cisco you need to have a valid support agreement for your firewalls and a Cisco CCO account to log in with. The Active firewall will be the firewall that’s passing traffic and in operation, and the Standby firewall is sat waiting to take over, each physical firewall can be either active or standby. (Unless you manually change the configuration to force things otherwise!). The Primary and Secondary firewalls are physical firewalls, the primary will always be the primary, and the secondary will always be the secondary. As you already have a high availability solution you do not want any downtime.īefore we start, we need to make sure we know the difference between primary, secondary, active and standby.įrom the rear (Active=Green, Standby=Amber) You have two ASA firewalls deployed in Active/Standby failover configuration, and need to upgrade either the operating system or the ASDM.
0 kommentar(er)
