Cisco Security :: How To Upgrade To NAC 4.9 On CAM / CAS
Feb 16, 2012
I have a NAC platfom with CAM/CAS - 4.7.2 and Agents - Windows - 4.7.2.10 and MAC - 4.7.2.507.
I want to upgrade to NAC 4.9 on the CAM/CAS and but want to know if CAM/CAS 4.9 will be compatible with agents Win/MAC 4.7.2.10/4.7.2.507 pending when I upgrade the agents on the Client machines. For certain reasons we do not want to do the Agent upgrade yet.
I have gone through the NAC 4.9 CAM/CAS/Agent Compatibility Matrix in the NAC 4.9 release notes but I am still not clear on this.
I have a project to upgrade an ASA 5520 to 9.1.x, then add another ASA for failover. What will be the correct way ?
I had the 2 Gb memory.
I have rewritten all nat statements (during my other 8.2 to 8.3 or 8.4 upgrade project, the nat conversion was catastrophic, so I rewrite all now).
Can I upgrade directly to v9 ? Or 8.2 -> 8.4 -> 9.1 ?
I think to :
- inject actual config in the new ASA in 8.2 - remove nat statement - upgrade to 8.4 - configure new nat - upgrade to 9 - connect the new ASA to the network and deconnect the other ASA - test - upgrade old ASA to 8.4 or 9 directly ? - configure failover
I want to upgrade my ASA 5510 from version 7.0(6) to 8.2(5). Reading the release notes for 8.2(5) it says the DRAM requirement is 256MB unless you have high CPU usage. Also it says I need to upgrade through the major releases, from 7.0(x) to 7.1(x) and 7.1(x) to 7.2(x) and then from 7.2(x) to 8.2(x). The questions are:
- My ASA has 256MB of RAM and 68% of free memory, would you think it will run the 8.2(5) version with no problem? - When making the upgrades to the major releases, is there any consideration regarding the configuration file? Or the versions to use for the 7.1 and 7.2 versions? - Would you recommend making all the upgrades in one maintenance window? How much time could it take?
I have a Cisco 1921 ISR Router with Security License running software version 15.0. I want to upgrade the router to 15.1. But I don't want to lose the security license that came with the router. When I look at the IOS downloads page on Cisco, all I see is universal images for all versions of 15.1.
My question is - where is the security license stored? In the IOS or programmed in somewhere else of the router? If I upgrade my router to one of the newer 15.1 universal images, will I lose my security license?
I am trying to upgrade all my firewalls to Security Plus but I am not sure what firewalls are needing the upgrade. Is there a SNMP pull I can do to see what license is on my firewall? example: "This platform has an ASA 5510 Security Plus license." via SNMP
We want to upgrade one of our Cisco 5505 with Security Plus license. what is the difference between L-ASA5505-SEC-PL and ASA5505-SEC-PL upgrade licenses?
We are planning to upgrade the ASA license in an A/S pair by adding the ASA5500-SC-20= license. The ASA is 5545 and runs 8.6. According to documentation, after 8.3 version, the ASAs can share a license features and do not require the same license on both boxes. I run a test in GNS3 with 8.4(2) images and I saw that by adding the 'activation-key' command only on the primary unit did the job as the 'show activation-key' output shows. In order to be 100% sure would like to verify the following:
Putting the activation-key only on the primary unit is enough and there is no need to do anything elseIn case the primary unit is standby, again we have to put the actication-key command on the primary unit (I am asking this because the 'activation-key' command is not listed under the commands that are not replicated to the other unitk, but doesn't make sense to be replicated since the activation-key is 'tied' with the S/N of the device).
i have 2921 router with base license . i want to upgrade to it to security k9 feature or want to enable it. i have license file with product activation key. how should i do it. if any body have screen shot file
I have two Windows 7 computers and neither one will successfully upgrade a 1242 AP to LWAP. However, I go to a coworker's XP machine and run the tool without issues. On Windows 7 I keep receiving the error message of ACL or Firewall is blocking. I have added rules and then even tried disabling the firewalls completely on both computers and still no success.
Is it possible to upgrade the CSACS-1121-UP-K9 to be a non upgrade part? We were going to upgrade from a Windows 4.x to the above Appliance (version 5.x) but there is now a reason to keep the old Windows version running therefore we cannot give the new Appliance the old ACS's licenses?!So we should have (with hindsight) bought a fresh version of the ACS 5.x rather than an upgrade.
My company ordered NAC and ACS 1120 My question is Can i configure 802.1X security through ACS server and NAC in layer 2 Inband Virtual Gateway.for campus switches.Is it the good design to have double security for switch ports. 1st is 802.1X and 2nd is NAC in layer 2 INBAND VG?
ASA 5510 security plus edition will it support active/active failover. and does it support context with securiyt plsu edition. and how many default context do we get with asa 5510 security plus edition.
I have a Linksys WRT610N wireless system with WPA-PSK security and this works fine with several computers but now one computer detects the wireless security as WEP and can thus not connect to the router. I have tried to manually connect to the router with correct security WPA-Personal (TKIP) and correct password but then the computer says "settings saved on this computer for the network do not match the requirements of the network".How can I get the computer to detect the correct security? The computer is running Windows 7 home premium.
Is it true that the FCC is investigating the Pogo game site because of poor security? Is Java the cause of this problem?I'm very leery of getting on the Pogo site because I've been told that my computer could get a virus and crash.
I'm new to IT, and have been put in charge of managing our servers hile my boss is on vacation.We currently have a Sonicwall Network Security Appliance that handles our Firewall/VPN and have web content filtering set in place.I have a user who belongs to 2 CFS policy groups that we have set up. I've double checked with Active Directory, and he is a member of both groups.
This person SHOULD have access to Job searches/ and Restaurants,but receives a "content blocked" message on his browser.It appears to me that the settings in Sonicwall are correct, as well with AD member groups.
I am trying to connect to a Security-enabled wireless netowork. I have the key. My problem is that I can't seem to figure out how to enter it. When I try to connect I open the "view available networks"window. I see the network name and it shows a strong signal (all 5 green bars).
I want to install Microsoft Security Essential on my PC, but I am not sure which download I need. One says amd64 and the other is x86. I am using windows xp 32bit.
I was informed by a co-worker that there is a security vulnerability with the local certificate authority in the ASA running 8.3 code. I've looked through the security advisories and haven't been able to find anything about this. Was this just misquote or am I missing the security advisory release?
I have a ASA 5505 that I test with which originally came with the Security Plus license. I recently erased flash and loaded the latest asa841-k8.bin version of IOS along with asdm-642.bin. Everything booted fine and came up as it does when freshly wiped however I noticed that i was now only running a base license. If I issue the sh activiation-key command, I noticed the following messages (full output is at the bottom):
The Running Activation Key is not valid, using default setting ...... This platform has a Base license. ...... Failed to retrieve flash permanent activation key
Did I somehow kill my Security Plus licensing when I did the erase flash? If so how do I recover it?
ciscoasa# sh activation-key Serial Number: JMXXXXXXHU Running Permanent Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000
The Running Activation Key is not valid, using default settings:
Licensed features for this platform: Maximum Physical Interfaces : 8 perpetual VLANs : 3 DMZ Restricted Dual ISPs : Disabled perpetual VLAN Trunk Ports : 0 perpetual
[code]...
This platform has a Base license.Failed to retrieve flash permanent activation key.The flash permanent activation key is the SAME as the running permanent key.
I have windows xp home and the last few days a security installation has kept trying to install ie: "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (KB2538242) (update 1 of 1)..."
I have a project to upgrade LMS3.2 to a new PI 1.2. my current plan is
1. build a new VM to install LMS 4.2 2. backup LMS 3.2 ( not SP1) 3. import 3.2 data to the new 4.2 machine 4.build a PI 1.2 and import 4.2 data into PI 1.2 5. run the devices side by side untill parity
As 3.2 is not SP1 can the data still be migrated into 4.2 or will I need to upgrade 3.2 to 3.2.1 ( SP1)? Is there a script to backup/restore data from 3.2 to 4.2?
I am upgrading the LMS 3.2.0 to LMS 3.2 SP1 software and also RME 4.3.0 to RME4.3.1. Do I need to add further patches to make CiscoWorks up to date.I know that LMS 4 is released but currently we are not planning to buy it.
Is it possible to upgrade a L-ASA-SSL-10 to a L-ASA-SSL-50?Or is the only possible way to upgrade to 50 users with the upgrade licenses?L-ASA-SSL-10-25 and then L-ASA-SSL-25-50 ?