I need to update my asa from 8.2(3) to whatever the next stable version is. I know some people where having issues with the 8.3 releases. Is 8.4 looking good for everyone?

_________________
thelostpackets.blogspot.com - randomness from the bit bucket

8.4.2 has been good for me.
Just be aware that after 8.2, the NAT config changes.

_________________
http://networking.ventrefamily.com

8.4.2 has been ok for us as well. I believe the consensus is to upgrade from 8.2 -> 8.3 -> 8.4

See this thread: http://www.networking-forum.com/viewtopic.php?t=26620

running 8.4(3) here with no issues, for about a week now.

_________________
"If you're good at anticipating the human mind. It leaves nothing to chance."
-Jigsaw

I have lots of ASAs running 8.2(5)13 ; technically that's after 8.2(3)

_________________
"A problem well stated is a problem half solved". (Charles Kettering)

8.2(5)22 is out since January, previous interium was the 8.2(5)13

mlan, technically, the recommended upgrade process is is
8.2 -> last stable release in 8.2 train -> 8.3 -> last stable release in 8.3 train -> 8.4 -> latest 8.4 release.

but then again I went directly from 8.0(5) to 8.4(1)51 with no issues.

_________________
"If you're good at anticipating the human mind. It leaves nothing to chance."
-Jigsaw

8.4(3) has been good for me

_________________
http://blog.alwaysthenetwork.com

I got a copy of 8.4(2)-5 from TAC that has been rock solid. So i am figuring that 8.4(3) is fine.

What issue were you hitting on 8.4(2)?

_________________
http://blog.alwaysthenetwork.com

Honestly we were having some issues where the configuration wasnt loading right after a reboot. It would parse valid lines out of the config. You could manually reinsert them though. It was quite strange.

careful using 8.2(5)22; it crashes the standby unit upon booting. See viewtopic.php?t=29501 for more info.

_________________
"A problem well stated is a problem half solved". (Charles Kettering)

The majority of my clients firewalls are on 8.4.2 and we haven't had any issues. Various configurations of 5510's and 5505's.

_________________
The Cubicle Wizard
http://cubiclewizard.blogspot.com/

I'm curious, what is the reasoning for upgrading in increments instead of from 8.2 straight to 8.4?

Thanks for the replies everyone.

I was having issues configuring anyconnect for voip and I thought it was because of my version. Turns out, tac sent me config example for a router and not asa which is why the commands didnt match up. Specifically crypto ca vs crypto pki.

_________________
thelostpackets.blogspot.com - randomness from the bit bucket

8.2 to 8.3 is considered a major upgrade, something with the restructuring of the NAT configurations. I just upgraded one of our ASA's from 8.2 to 8.3. We've been running it for about 3 months now without any issues from what I can tell. I'm in the process now of upgrading our second ASA which we are running the CAC VPN on, that was a pain to duplicate on the replacement ASA but a sense of accomplishment when it finally worked!

It seems we will be holding off on the 8.4 upgrade until it has been out for a bit.

I've only been in the networking game since the end of 2009 and I only have a CCENT so take it however

Here are the release notes for 8.3
http://www.cisco.com/en/US/docs/securit ... arn83.html

•NAT redesign.

•Real IP addresses in access rules instead of mapped addresses.

•Named network objects and service objects.