Solved

PIX 6.3 to 7.0 upgrade for PIX 515E UR

Posted on 2009-04-02
13
2,774 Views
Last Modified: 2012-05-06
Hi,

See my show version of PIX 515E UR

#########
pix# show version

Cisco PIX Firewall Version 6.3(4)
Cisco PIX Device Manager Version 3.0(3)

Compiled on Fri 02-Jul-04 00:07 by morlee

pix up 201 days 22 hours

Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
0: ethernet0: address is 0012.d9eb.ff72, irq 10
1: ethernet1: address is 0012.d9eb.ff73, irq 11
2: ethernet2: address is 00e0.b600.6abc, irq 11
3: ethernet3: address is 00e0.b600.6abd, irq 10
4: ethernet4: address is 00e0.b600.6abe, irq 9
5: ethernet5: address is 00e0.b600.6abf, irq 5
Licensed Features:
Failover:                    Enabled
VPN-DES:                     Enabled
VPN-3DES-AES:                Enabled
Maximum Physical Interfaces: 6
Maximum Interfaces:          10
Cut-through Proxy:           Enabled
Guards:                      Enabled
URL-filtering:               Enabled
Inside Hosts:                Unlimited
Throughput:                  Unlimited
IKE peers:                   Unlimited

This PIX has an Unrestricted (UR) license.

Serial Number: 40xxxxx (0x1834595a)
Running Activation Key: 0x8xxxxxxxxxxxxxxxxxxxx
Configuration last modified by sinu at 11:04:56.417 IST Thu Oct 30 2008
###################
I am in the process of upgrading 6.3 version to current version. I would like to know the file name of new IOS , Is it 'pix724.bin' and 'asdm-524.bin' ?

thanks,




0
Comment
Question by:spectrumsofttech
  • 8
  • 5
13 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 24057048
Here is the current list
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24057057
oops, wrong format..

versions.htm.txt
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24057073
believe you need 64Meg Ram for that one,
It would be
asdm-613.bin
pix804.bin

for the full version 8's.

Or.
asdm508.bin
pix708.bin

for the last of version 7...
0
 

Author Comment

by:spectrumsofttech
ID: 24057489
Hi,

My show ver showing  '16MB flash and 128 MB RAM' , Is this enough for upgrading to 'pix724.bin'


"Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB"

Also what is the commnd to see the present .bin file running in my PIX ?
How can I copy that to a tftp server ?

Thanks

0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24073496
yes, 64Meg is the minimum.

to see the flash, type "show flash".

to copy to a tftp server:
"copy xxxx.bin tftp" and follow the prompts.



0
 

Author Comment

by:spectrumsofttech
ID: 24074235
Let me confirm it again...
with "'16MB flash and 128 MB RAM' " I can upgrade to 'pix724.bin'

See my show flash, I didn't see any thing with xxxx.bin
pix# show flash
flash file system:  version:3  magic:0x12345679
  file 0: origin:       0 length:1966136
  file 1: origin: 2097152 length:5259
  file 2: origin: 2228224 length:3547
  file 3: origin: 2359296 length:3150260
  file 4: origin:       0 length:0
  file 5: origin:16646144 length:308
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 23

Expert Comment

by:debuggerau
ID: 24074509
hmm, I get:
 show flash

Directory of flash:/

3      d---  192         20:25:25 Feb 13 2006  lost+found
10     -rw-  31565       20:25:26 Feb 13 2006  downgrade.cfg
11     -rw-  7538688     13:45:50 Aug 22 2008  image.bin
20     -rw-  7562988     13:54:59 Aug 22 2008  pdm

16128000 bytes total (898048 bytes free)

anyways, I always copy it over as image.bin...
0
 

Author Comment

by:spectrumsofttech
ID: 24078074
Hi,

I have two files..
asdm-524.bin and pix724.bin.
Hope I need to apply both the files...or only pix724.bin is enough.

If both the file are needed, I hope I need to apply the pix724.bin first and then asdm-524.bin

One more thing, hope the following steps are enough to perform the upgrade..

1. SSH to PIX.
2. Go to eanble mode
3. go to configure terminal mode
4. copy tftp://192.168.0.100/pix724.bin flash:image
5. reload the PIX
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24083105
very good, always the pix first, then the asdm..

Have you got the upgrade guide from Cisco..
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708d8.shtml

Very helpful..

And no, do not ssh if you have monitor mode..
See instructions above..
0
 

Author Comment

by:spectrumsofttech
ID: 24138328
Hi,

It worked...upgraded my PIX...

see my show flash

pix# show flash

Directory of flash:/

6      -rw-  5259        12:08:57 Apr 14 2009  downgrade.cfg
9      -rw-  1966136     12:09:16 Apr 14 2009  image_old.bin
10     -rw-  8515584     12:13:53 Apr 14 2009  pix724.bin

16128000 bytes total (5624832 bytes free)

Now I want to apply the ASDM, there is no space left in the flash, shall I delete the image_old.bin from the flash ?
Thanks
0
 
LVL 23

Expert Comment

by:debuggerau
ID: 24143628
Sure, but check your running version firstly..
0
 

Author Comment

by:spectrumsofttech
ID: 24144560
HI,

See my show version...
pix> show ver

Cisco PIX Security Appliance Software Version 7.2(4)

Compiled on Sun 06-Apr-08 13:39 by builders
System image file is "flash:/pix724.bin"
Config file at boot was "startup-config"

pix up 20 hours 22 mins

Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0xfff00000, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
 0: Ext: Ethernet0           : address is 0012.d9eb.ff72, irq 10
 1: Ext: Ethernet1           : address is 0012.d9eb.ff73, irq 11
 2: Ext: Ethernet2           : address is 00e0.b600.6abc, irq 11
 3: Ext: Ethernet3           : address is 00e0.b600.6abd, irq 10
 4: Ext: Ethernet4           : address is 00e0.b600.6abe, irq 9
 5: Ext: Ethernet5           : address is 00e0.b600.6abf, irq 5

Licensed features for this platform:
Maximum Physical Interfaces : 6
Maximum VLANs               : 25
Inside Hosts                : Unlimited
Failover                    : Active/Active
VPN-DES                     : Enabled
VPN-3DES-AES                : Enabled
Cut-through Proxy           : Enabled
Guards                      : Enabled
URL Filtering               : Enabled
Security Contexts           : 2
GTP/GPRS                    : Disabled
VPN Peers                   : Unlimited

This platform has an Unrestricted (UR) license.

I have reloaded the PIX after applying the update...hope I can delete the old image.

thanks.
0
 
LVL 23

Accepted Solution

by:
debuggerau earned 500 total points
ID: 24144670
yes, should be straightforward.

delete flash:image_old.bin
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now