In this post I will describe how I upgraded the software of my Active/Standby Failover Cisco ASA 5512X from 8.6 to 9.1. Additionally, I will upgrade the ASDM to the latest version.
When upgrading the software of your Cisco ASA it’s important to read the release notes beforehand. Go through each major and minor release version. According to Cisco, you should upgrade to the latest minor release version before upgrading to the next major version.
This is important if you want to maintain a zero downtime upgrade.
A minor release upgrade is, for example, going from 8.3 to 8.4. Which means zero downtime is not supported from 8.3 to 8.6.
A major release upgrade is going from the base version to the next release. For example, 8.6 to 9.0. This would be supported for zero downtime. It would NOT be supported if you were to go from 8.6 to 9.1.
In my process, I went from 8.6 to 9.0 and then from 9.0 to 9.1.
Before we do any sort of upgrades on the ASA, we need to make a backup. After the backups, we will upload the bin file to the primary ASA and secondary ASA. The same goes for ASDM. After the bin is uploaded, you change the active and standby ASA boot system order. You can have multiple boot systems and the ASA will pick from the top. Then you reboot the ASA and it should be on the latest version. [Read more…] about Cisco ASA Zero Downtime Upgrade