ASA upgrade 9.1.1 to 9.1.7

[tklamb]

Can I go directly from 9.1.1 to 9.1.7? Or is there another version I should go to first?

 

[iggsterman]

you can upgrade directly from one minor version to another.

 

[tklamb]

Actually I checked with TAC on this and they recommend the upgrade path 9.1.1  9.1.2  9.1.6.11 (9.1 7 has been removed).

 

[iggsterman]

First off you did not have to do that, according to Tier 2 Cisco TAC. I just upgraded from 8.x in 2 steps without an issue. Second off, when saying "removed" did you mean 5500-X series? Because 5510, 5520, etc. still have the version as recommended and available to fix the IKE vulnerability. And the last thing I'd like to mention, if you have access to TAC, what is the point of asking the forum for help and then "correcting" the received advice?

 

[tklamb]

I have 5515's and 9.1(7) has been removed due to issues. With all due respect I have never done an ASA upgrade and have done a considerable amount of research verifying your advise and have read conflicting info so I did open a TAC case as the recommended version 9.1 (6.11) was not on their site and 9.1 (7) was gone.

I reposted what I had learned.