upgrade of PA-500

Reply
Highlighted
L0 Member

upgrade of PA-500

when in process of upgrading OS for pa-500 active/passive pair, on the passive devic i upgraded from 7.115 -- 8.0.0(download)-->8.0.20(install) -->8.1.0(download) -->8.1.12(install) 

now passive device is 2 major os version ahed , looking for ideas how can I perform upgrade on active ideas. now if i enable HA , i think one device being ahead of 2 major os version and preemption enabled it will cause all sort  of weird issues any smart ideas other then downgrading passive device .?

Highlighted
L4 Transporter

Re: upgrade of PA-500

Best practice, is to fail traffic to the passive as the first step after disabling pre-empt(personally I have it off all the time anyway.)

 

Then step through each iteration, switching firewalls at each step to confirm the upgrade is successful and traffic still passes.

 

From what you say you have upgraded the passive all the way in one go. You could disable pre-empt now and fail the traffic over and see if it works but your more likely to see and issue. 

 

Better option would be to downgrade the passive and then fail over to it and do one step at a time on each. That way they are only ever one version different be it Major, Minor or Increment.

 

Highlighted
L7 Applicator

Re: upgrade of PA-500

as long as one device is at a higher version, it will be 'non-functional' and the lower version member will be active 

preemption will not interfere here

 

the only way to change that is by suspending the passive member, so you can upgrade it while the already ugraded member takes the traffic

as soon as you unsuspend the lower version member it will take on the active role

reaper - PANgurus.com
I drink and I know things
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!