Monday, August 2, 2010

Downgrading from Cisco ASA 8.3

8.3 is the new major update from Cisco that contains so many philosophical changes that it should be considered 9.x.  Besides changing the way inbound ACLs are defined, they have also gone to a object based configuration and Natting has been revamped. Unfortunately all of the bugs have not been worked out yet and many people are downgrading. To make matters worse, all new appliances are being sent with 8.3 preloaded, which requires a conversion to get older configurations to work. To properly downgrade, the downgrade command must be used. Cisco has indicated that this command merely replaces some of the manual commands that are ran during a downgrade, like setting the bootsystem, write mem, and loading the config, however I have received confirmation that other steps are actually performed behind the scenes, that does not take place when a manual downgrade is performed.

To downgrade do the following:

ASA(config)# downgrade [/noconfirm] old_image_url old_config_url [activation-key old_key
Ofcourse this assumes that the old image and old config are on the appliance. If you received a new appliance 
and would like to downgrade, the image and config should be copied over first. 









Posted by
Jerome


at
10:00 AM





















Labels:















5
comments:
      









  1. I found the 8.0(5) image on my CD that shipped with my ASA 5505, but no idea where the config would be.
    ReplyDelete
  2. When you upgraded to 8.3, the old config was saved in flash (show flash).If this was not an upgrade, you must upload the old config.
    ReplyDelete
  3. Good info. Thanks
    ReplyDelete
  4. anyway you can view the *.cfg.sav (backup config)on the ASA?
    ReplyDelete
  5. You can view any file stored in flash by using the

    more disk0:/blahblah.sav

    command, I think.
    ReplyDelete




























        

      










Subscribe to:
Post Comments (Atom)