Cisco Cisco Catalyst 6500 Series 7600 Series ASA Services Module Notas de publicación
After you upgrade, the username command no longer requires the password or nopassword keyword;
you can require that a user cannot enter a password. Therefore, to force public key authentication only,
re-enter the username command:
you can require that a user cannot enter a password. Therefore, to force public key authentication only,
re-enter the username command:
username admin privilege 15
• Upgrade impact when upgrading the ASA on the Firepower 9300— Due to license entitlement naming
changes on the back-end, when you upgrade to ASA 9.6(1)/FXOS 1.1.4, the startup configuration may
not parse correctly upon the initial reload; configuration that corresponds to add-on entitlements is
rejected.
not parse correctly upon the initial reload; configuration that corresponds to add-on entitlements is
rejected.
For a standalone ASA, after the unit reloads with the new version, wait until all the entitlements are
processed and are in an "Authorized" state (Monitoring > Properties > Smart License), and simply
reload again (Tools > System Reload) without saving the configuration. After the reload, the startup
configuration will be parsed correctly.
processed and are in an "Authorized" state (Monitoring > Properties > Smart License), and simply
reload again (Tools > System Reload) without saving the configuration. After the reload, the startup
configuration will be parsed correctly.
For a failover pair if you have any add-on entitlements, follow the upgrade procedure in the FXOS
release notes, but reset failover after you reload each unit (Monitoring > Properties > Failover > Status,
Monitoring > Failover > System, or Monitoring > Failover > Failover Group, and then click Reset
Failover).
release notes, but reset failover after you reload each unit (Monitoring > Properties > Failover > Status,
Monitoring > Failover > System, or Monitoring > Failover > Failover Group, and then click Reset
Failover).
For a cluster, follow the upgrade procedure in the FXOS release notes; no additional action is required.
• ASA 5508-X and 5516-X upgrade issue when upgrading to 9.5(x) or later—Before you upgrade to ASA
Version 9.5(x) or later, if you never enabled jumbo frame reservation then you must check the maximum
memory footprint. Due to a manufacturing defect, an incorrect software memory limit might have been
applied. If you upgrade to 9.5(x) or later before performing the below fix, then your device will crash
on bootup; in this case, you must downgrade to 9.4 using ROMMON (
memory footprint. Due to a manufacturing defect, an incorrect software memory limit might have been
applied. If you upgrade to 9.5(x) or later before performing the below fix, then your device will crash
on bootup; in this case, you must downgrade to 9.4 using ROMMON (
), perform the below procedure, and then upgrade again.
1
Enter the following command to check for the failure condition:
ciscoasa#
show memory detail | include Max memory footprint
Max memory footprint
=
456384512
Max memory footprint
=
0
Max memory footprint
=
456384512
If a value less than 456,384,512 is returned for “Max memory footprint,” then the failure condition
is present, and you must complete the remaining steps before you upgrade. If the memory shown is
456,384,512 or greater, then you can skip the rest of this procedure and upgrade as normal.
is present, and you must complete the remaining steps before you upgrade. If the memory shown is
456,384,512 or greater, then you can skip the rest of this procedure and upgrade as normal.
2
Enter global configuration mode:
ciscoasa#
configure terminal
ciscoasa(config)#
3
Temporarily enable jumbo frame reservation:
ciscoasa(config)#
jumbo-frame reservation
WARNING: This command will take effect after the running-config
is saved and the system has been rebooted. Command accepted.
INFO: Interface MTU should be increased to avoid fragmenting
jumbo frames during transmit
is saved and the system has been rebooted. Command accepted.
INFO: Interface MTU should be increased to avoid fragmenting
jumbo frames during transmit
Do not reload the ASA.
Note
Release Notes for Cisco ASDM, 7.6(x)
2
Release Notes for Cisco ASDM, 7.6(x)
Important Notes