Release Notes for the Cisco ASA 5. Series, 8. 2xTable of Contents. Release Notes for the Cisco ASA 5. Series, Version 8. Important Notes. Limitations and Restrictions. SmartPCFixer is a fully featured and easytouse system optimization suite. With it, you can clean windows registry, remove cache files, fix errors, defrag disk. If youre moving huge files around or need to keep your entire media library with you, sometimes the good ol fashioned sneakernet is the best method. Flash. Upgrading the Software. Downloading Software from Cisco. Upgrading Between Major Releases. Upgrading the Phone Proxy and MTA Instance. Activation Key Compatibility When Upgrading. System Requirements. Memory Requirements. Standard DRAM and Internal Flash Memory. Memory Upgrade Kits. Viewing Flash Memory. DRAM, Flash Memory, and Failover. ASDM, Module, and VPN Compatibility. Keychain_access.png' alt='Adobe Flash Player Certificate Authentication Failed Firefox' title='Adobe Flash Player Certificate Authentication Failed Firefox' />New Features. Marzocchi Drop Off 3 Manual here. New Features in Version 8. New Features in Version 8. New Features in Version 8. New Features in Version 8. New Features in Version 8. New Features in Version 8. New Features in Version 8. New Features in Version 8. Adobe Flash Player Certificate Authentication Failed Firefox' title='Adobe Flash Player Certificate Authentication Failed Firefox' />New Features in Version 8. Open Caveats. Resolved Caveats. Resolved Caveats in Version 8. Resolved Caveats in Version 8. Resolved Caveats in Version 8. Resolved Caveats in Version 8. Pressa_stat/VPN_PROXY/Adobe_900.jpg' alt='Adobe Flash Player Certificate Authentication Failed Firefox' title='Adobe Flash Player Certificate Authentication Failed Firefox' />Related Documentation. Obtaining Documentation and Submitting a Service Request. Release Notes for the Cisco ASA 5. Series, Version 8. Released May 8, 2. Updated July 1. 2, 2. This document contains release information for Cisco ASA 5. See my Defensive Computing blog at Computerworld. Other Testers No web site on the Internet is particularly unique. Below is a list of other tester web sites. Adobe Flash Player Certificate Authentication Failed Firefox Download' title='Adobe Flash Player Certificate Authentication Failed Firefox Download' />Versions 8. This document includes the following sections Important Notes. TheINQUIRER publishes daily news, reviews on the latest gadgets and devices, and INQdepth articles for tech buffs and hobbyists. Limitations and Restrictions. The SSL SHA2 digital signature capability for authentication of AnyConnect SSL VPN sessions Versions 2. This site is intended solely for use by authorized Oracle customers, partners, and employees. Use of this site is subject to the Legal Notices and Terms for Use and. The U. S. government recently revamped its password recommendations, abandoning its endorsement of picking a favorite phrase and replacing a couple characters with. Cisco ASA Clientless SSL VPN Portal Customization Integrity VulnerabilityMultiple vulnerabilities have been fixed for clientless SSL VPN in ASA software, so you should upgrade your software to a fixed version. See http tools. Cisco. Security. Advisorycisco sa 2. ASA versions. Also, if you ever ran an earlier ASA version that had a vulnerable configuration, then regardless of the version you are currently running, you should verify that the portal customization was not compromised. If an attacker compromised a customization object in the past, then the compromised object stays persistent after you upgrade the ASA to a fixed version. Upgrading the ASA prevents this vulnerability from being exploited further, but it will not modify any customization objects that were already compromised and are still present on the system. The Advanced Inspection and Prevention Security Services Card AIP SSC can take up to 2. This initialization process must complete before configuration changes can be made to the sensor. Attempts to modify and save configuration changes before the initialization completes will result in an error. See the Upgrading the Software section for downgrade issues after you upgrade the Phone Proxy and MTA instance, or if you upgrade the activation key with new 8. For detailed information and FAQs about feature licenses, including shared licenses and temporary licenses, see Managing Feature Licenses for Cisco ASA 5. Version 8. 2 at http www. USdocssecurityasaasa. When using Clientless SSL VPN Post SSO parameters for the Citrix Web interface bookmark, Single Sign On SSO works, but the Citrix portal is missing the Reconnect and Disconnect buttons. Only the Log Off button appears. When not using SSO over Clientless, all three buttons show up correctly. Workaround Use the Cisco HTTP POST plug in to provide SSO and correct Citrix portal behavior. On the ASA 5. 51. Version 8. 2 uses more base memory than previous releases. This might cause problems for some ASA 5. If your current show memory command output displays less than 2. ASA 5. 51. 0 from 2. MB to 1 GB before proceeding with the Version 8. See the Memory Requirements section. On the ASA 5. 58. Version 8. 2 shows increased CPU usage under stressed conditions than Version 8. Connection ProfileTunnel Group terminology in CLI vs. ASDMThe ASA tunnel groups define the initial connection parameters and attributes such as AAA, client address assignment, and connection aliasgroup url for a remote access VPN session. In the CLI, they are referred to as tunnel groups, whereas in ASDM they are referred to as Connection Profiles. A VPN policy is an aggregation of Connection Profile, Group Policy, and Dynamic Access Policy authorization attributes. Cosmetic startup message issue on the ASA 5. XCisco manufacturing recently discovered a process error that resulted in loading a test build of BIOS firmware on many early shipments of the ASA 5. X. On the affected units, more text than usual displays on the console during startup before reaching the rommon prompt. Included in the extra output is the following message banner CISCO SYSTEMS Spyker Build, TEST build not for Customer Release Embedded BIOS Version 2. While you may see this additional text, there is no functional impact to the ASA operation you can ignore the additional text. The test build provides additional information that can be used by engineers to pinpoint hardware problems during the manufacturing process. Unfortunately, there is no field upgradeable resolution to eliminate this message that does not require replacing the hardware. Hardware with a serial number that falls within the following ranges could be impacted by this cosmetic issue. Note that not all serial numbers within these ranges are impacted. JMX1. JMX1. 52. 0xxxx JAF1. JAF1. 51. 6xxxx for ASA SSP 2. K8 onlyHardware with the following Product IDs for the above serial numbers could be impacted by this cosmetic issue ASA5. S2. 0 K8 ASA5. S2. K9 ASA5. 58. S2. 0P2. K8 ASA5. S2. 0P2. K9 ASA5. S2. 0P2. XK9 ASA5. S2. 0X K9 ASA SSP 2. K8Only 4 GB of memory is available in ASA 8. ASA 5. 58. 0 and 5. X platforms. All available memory in multi core platforms ASA 5. X in ASA 8. 25 are also available in ASA 8. To take advantage of the enhanced capability, you should upgrade your devices to the ASA 8. Limitations and Restrictions. The SSL SHA 2 digital signature capability for authentication of Any. Connect SSL VPN sessions Versions 2. ASA Version 8. 2. The feature was introduced in ASA interim Version 8. Stateful Failover with Phone ProxyWhen using Stateful Failover with phone proxy, information is not passed to the standby unit when the active unit goes down, the call fails, media stops flowing, and the call must be re established. No. NET over Clientless sessionsClientless sessions do not support. NET framework applications CSCsv. The ASA does not support phone proxy and CIPC for remote access. The AIP SSC 5 does not support virtualization, unretiring default retired signatures, creating custom signatures, adding signatures, cloning signatures, or anomaly detection. The ASA cannot fully support domain based DFS. To support this, the ASA would need to join the Active Directory and query the Active Directory server for DFS referral. Instead the ASA sends the DFS referral to the DNS servers configured for the users. Since the AD server is the DNS server in most cases, the majority of customer configurations are covered. ASA 5. ASA 5. 52. ASA 5. ASA 5. 55. We strongly recommend that you enable hardware processing using the crypto engine large mod accel command instead of software for large modulus operations such as 2. DH5 keys. If you continue to use software processing for large keys, you could experience significant performance degradation due to slow session establishment for IPsec and SSL VPN connections. We recommend that you initially enable hardware processing during a low use or maintenance period to minimize a temporary packet loss that can occur during the transition of processing from software to hardware. Note For the ASA 5.