On PIX 525, post software upgrade to Version 7, PDM stops working

Posted on 2006-03-26
Last Modified: 2013-11-16
Recently upgraded my Cisco PIX 525 from Version 6.3 to version 7.0 (4).

Upgrade was done in accordance with steps mention in this article and was successful:

The current "sh ver" command output is:

Cisco PIX Security Application Software Version 7.0(4)
System Image file is "flash:/image.bin"
Hardware: PIX 525, 256 MB RAM
Flash: 16 MB
BIOS Flash: 32kb
"Sh flash" output is:
Directory of Flash :/
4  -rw-  2748       downgrade.cfg
7  -rw-  5286296  image.bin
11 -rw- 5437440  image

16128000 bytes total (5294080 bytes free)
"sh mem" displays free memory 77% and used memory as 23%
When I try to upgrade asdm by giving the command copy tftp flash and specify filename asdm-501.bin from source to destination from my tftp server, after downloading the file for a few seconds, console returns an error message:

"% error copying tftp:// /asdm-501.bin (Not enough space on device)

Also, PDM has stopped working post upgrade to Version 7.0. Seems like my flash memory is full.

Any advise o what to do here??
Question by:fahim
    LVL 79

    Expert Comment

    > PDM has stopped working post upgrade to Version 7.0.
    Yes, PDM does not work at all with 7.x - you must use ASDM

    >version 7.0 (4)
    >asdm-501.bin (Not enough space on device)

    You should be using asdm 504.bin to match 7.0(4) OS

    You can save downgrade.cfg and image.bin off to your tftp server, then delete them. This will free up enough flash space for the asdm image.

    Then, you must add the following command to the PIX before you can use the ASDM:

       pix(config)#asdm image flash:/asdm-504.bin


    Author Comment

    Hi lrmoore...thax for the reply.

    I was able to copy downgrade.cfg to my tftp server but when I issued the command :"copy flash to tftp" and assigned filename to copy to tftp as "flash:/image.bin", the message displayed on console was: (%Error copying flash:/image.bin, Inapproriate file type or format.)

    Though I was able to successfully upload "image" file without the .bin extension.

    When I issue command "sh ver" the output says: (System image file is "flash:/image.bin")

    So, does this mean the system is using "image.bin" to boot?

    Also, before I read your comment yesterday, I thought that let me go to most current level of IOS to solve my problems and hence tried doing the tftp transfer and subsequent reload of PIX after installing "pix712.bin".

    Post reload, my version still shows 7.0(4) though configuration data is intact. It's as if the Upgrade process, despite having gone through without giving me any error messages, is not reflecting. Does this mean I am still at version 7.0(4) effectively and should try employing "asdm-504.bin"?

    LVL 79

    Expert Comment

    My bad. You can now

    delete flash:image

    Try reloading pix712.bin again:
      copy tftp:// flash:image.bin

      copy tftp:// flash:asdm-512.bin
      asdm image flash:/asdm-512.bin

    With 712 you should use asdm 512 - always update the asdm when you update the pix os

    LVL 79

    Accepted Solution

    FYI, here's result of "sho flash" from my PIX

    Directory of flash:/

    4      -rw-  2421        08:14:57 Dec 14 2005  downgrade.cfg
    7      -rw-  6764544     00:21:52 Mar 26 2006  image.bin
    11     -rw-  7495680     00:14:19 Mar 26 2006  asdm-512.bin

    Author Comment

    Thanks...Points allocated.

    Last queries..hope you'll answer...

    So what's the purpose of image file (without .bin extension) that you asked me to delete? Why was it there initially? When I copied that file to tftp (flash:image), what use could it be to me in future?

    Why did my tftp transfer of image.bin failed?
    LVL 79

    Expert Comment

    When you first upgrade a PIX to 7.0 it automatically creates a backup of the config and a backup of the OS so that you can quickly recover if you need to. Unfortunately, that does not leave room on the flash for the ASDM image.
    I can't explain why the transfer of image.bin failed...

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Suggested Solutions

    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    This video discusses moving either the default database or any database to a new volume.

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now