?
Solved

Upgrading IOS on PIX 515E

Posted on 2006-07-20
18
Medium Priority
?
993 Views
Last Modified: 2013-11-16
So it's at:

Cisco PIX Firewall Version 6.1(4)
Cisco PIX Device Manager Version 1.1(2)

Am I right that I can't upgrade, except to 6.2.X without upgrading to at least 64mb RAM?

And would I be correct to assume that I could buy memory for it and upgrade it myself, perhaps from ciscomemoryupgrades.com?

thanks
0
Comment
Question by:corphealth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 3
  • 3
  • +1
18 Comments
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17149651
You can't go to 7.x without atleast 64MB ram, you can upgrade the memory yourself, its not hard

I'm still looking but I can't see why you shouldn't be able to go to 6.3(5) version.  Of course are you in restricted or unrestricted mode on the 515
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17149658
also how much ram do you have now
0
 

Author Comment

by:corphealth
ID: 17149789
Hardware:   PIX-515E, 32 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17149798
ok found the memory requirements for 6.3, I'd upgrade to that until you can get the memory up to 64MB
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a00804e6d6d.html#wp31990

also, be aware that the config will need changing when going to 7.x so keep that in mind too
0
 

Author Comment

by:corphealth
ID: 17149809
What kind of config, I read somewhere else in here where someone said that upgrade IOS on the pix from 6.3.X and it would keep the config.
Please elaborate. =)
-chipTM
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17150003
i wouldn't if I were you.  vpngroup was replaced with tunnel-group for one thing.  If you used conduits, their gone.  There is a lot that changed so I really wouldn't bank on the IOS upgrade to take care of everything for you.  In fact before you make that leap I'd make a config backup just in case its beyond repair and you have to start from scratch.  Don't get me wrong, you may get lucky depending upon the difficulty of your config and it upgrades fine, but I'd research it before you do an upgrade
0
 
LVL 9

Expert Comment

by:Pentrix2
ID: 17150566
I seem a PIX upgrade from 6.3 to 7 and they lost their internal exchange connectivity.  This is due from commands changing in the versions.

David
0
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 750 total points
ID: 17150602
yup, that's exactly why you should go to 6.3(5) for now to get it updated as much as possible without worrying about any config changes, then research the changes for 6.3 -> 7.x upgrades
0
 
LVL 20

Expert Comment

by:calvinetter
ID: 17151155
Before upgrading, I assume you have current SmartNet support on this PIX? Otherwise upgrading isn't an option.

  Agree with Cyclops3590 that you should do some research before considering going to 7.x.  If/when you go to 7.x, be absolutely sure you read *all* documentation carefully, as there's a danger of corrupting the install.
  Even from 6.1 to 6.3 there are some fairly significant changes, mostly improvements.  Suggest you research 6.3 before upgrading to it, if you're going the route of "incremental changes."  Even if just upgrading to 6.3 for now, I'd highly recommend converting any conduit statements to ACLs (since conduits are *not* supported in 7.x), & checking what commands are changed or not supported in 6.3.

  New & changed features in 6.3 series:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a0080579fbf.html#wp32151

  Important:  see the following for info on 7.x:
  General release notes (especially "System Requirements" & "Changes to Existing PIX 6.x Features"):
http://www.cisco.com/en/US/products/sw/secursw/ps2120/prod_release_note09186a008057a11d.html
  * Upgrade Guide*:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_70/pix_upgd/index.htm

cheers
0
 

Author Comment

by:corphealth
ID: 17153544
Yes, they are in ACL form already.  I have holding off on upgrading until I get the memory for it I ordered, and until after we switch to a new ISP tonight.  That being said, what is this smartnet??!?!
0
 
LVL 20

Expert Comment

by:calvinetter
ID: 17153614
 SmartNet is essentially a "Cisco extended support/warranty" contract, which permits you to download & install new PIX software from Cisco's website.  SmartNet should be purchased when you bought the PIX, & needs to be renewed yearly (or every 3 yrs possibly).  If you bought this new but never got SmartNet for it, you should be able to buy SmartNet for it after the fact; this might entail getting a 3rd-party to inspect the PIX to ensure it's in good working order, before Cisco will allow you to put a SmartNet contract on it.  Contact your distributor or a local Cisco reseller for details.
  Without SmartNet, Cisco will *not* allow you to download new PIX images from their website, due to licensing.

cheers
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17153743
calvinetter can probably correct me, but I swear I've heard that some of Cisco's products offer one time upgrade options for a fee so you don' t have to buy the smartnet if you don't want (but I do recommend it)
0
 
LVL 20

Expert Comment

by:calvinetter
ID: 17158811
Greetings Cyclops!   The only thing of this nature I've heard is when there's a *serious* security vulnerabiltiy or a nasty, fatal bug that Cisco felt compelled to provide bugfixed code, so they don't lose credibility & lose customers.  ;)  In this case, they don't provide a free upgrade to the next major release, just the next minor maintenance version higher.  Let's say for example if 6.1(1) had such a fatal flaw, & Cisco might allow a 1-time upgrade to 6.1(2).

cheers
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17159836
umm, i could have swore you could pay for one time upgrades as well.  probably just imagining it i guess.

at any rate corphealth, these smartnets for one year really aren't very expensive. Probably a few hundred or so
0
 
LVL 9

Expert Comment

by:Pentrix2
ID: 17163447
To my understanding they provide paid one time upgrades for routers, switches, but haven't heard for PIXes.
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17164264
thx for the clarification Pentrix2
0
 
LVL 9

Expert Comment

by:Pentrix2
ID: 17164753
np Cyclops3590.

btw:  You are doing pretty good on this board.


David
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17166924
thx, I'm trying anyway.  Just got into Cisco firewalls a few of months ago and this board helped me out, so I thought I'd try to return the favor
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question