i found my ASDM have an

baselzind · ‎10-29-2016

hi i have 2 6509 core switches with each one having one fwsm installed and failover configured between them i plan to do the following upgrade:

asdm:6.1(3)F >>> 6.2(3)F

ios:4.0(5) >>> 4.1(15)

i read that if it isnt a major upgarde i can upgrade them with the failover configured but the issue is the method , so far i read i do a copy tftp flash:image (i read i should name the upgrade ios as "image" ??? correct?) then i restart the module (should i restart it from the fwsm cli or from the core switch like restart module?) , but how do i upgrade the asdm? i did a show flash on the fwsm but the result was confusing

lash file system: version:3 magic:0x12345679
file 0: origin: 0 length:6390272
file 1: origin: 6390272 length:11554384
file 2: origin:17945088 length:3385
file 3: origin:17948672 length:31516
file 4: origin:21085696 length:280

please help?

Marvin Rhoads · ‎10-30-2016

Copy the new system software (it's not called ios by the way) to both the primary and standby unit as explained here:

http://www.cisco.com/c/en/us/td/docs/security/fwsm/fwsm41/configuration/guide/fwsm_cfg/swcnfg_f.html#wp1042136

Then follow this procedure:

http://www.cisco.com/c/en/us/td/docs/security/fwsm/fwsm41/configuration/guide/fwsm_cfg/swcnfg_f.html#wp1064044

You will be reloading the Secondary-Standby unit from the primary unit's FWSM cli. The failover and repeat from the now Secondary-Active unit. Finally you will then failover once more and have the end result of both units upgraded and the operational status of Primary-Active and Secondary-Standby.

To upgrade ASDM, simply copy the new ASDM image to both units as described here:

http://www.cisco.com/c/en/us/td/docs/security/fwsm/fwsm41/configuration/guide/fwsm_cfg/swcnfg_f.html#wp1052263

When you reload ASDM (from your client), the new image will be used.

baselzind · ‎10-30-2016

thank you , so to get this clear :

1-first i copy the application software to both fwsm using this , copy tftp: flash

2-i save configuration on both fwsm

3-after copying the file it will replace the already application software installed? and reloading it will boot into the new one without chaning boot variable like in switches?

3-i reload the standby then wait for it to come up then switch to it and make it active then reload the former active fwsm

for the asdm

1-first i copy the asdm to both fwsm using this , copy tftp: flash:asdm (this time i sepcify flash:asdm?)

2-i save configuration on both fwsm

3-after copying the file it will replace the already asdm installed? and reloading it will boot into the new one without chaning boot variable like in switches?

3-i reload the standby then wait for it to come up then switch to it and make it active then reload the former active fwsm

Marvin Rhoads · ‎10-31-2016

That's correct except for the very last step - you do not need to reload the FWSM to have the new ASDM in effect - only restart ASDM on your client machine.

You do copy it over using the source asdm file name and target = flash:asdm.

baselzind · ‎10-31-2016

ok so for the asdm it will be like that ( copy tftp:"type in source nfile name" flash:asdm?) i name the file simply "asdm" on the fwsm?

also for the application software what do i name the file on the flash? do i name it "image" or the source file name? like (copy tftp:"type in source file name" flash:image) ?

do i need to change boot file like in switches?

Marvin Rhoads · ‎11-01-2016

The target file names should be:

cdisk (for the system software)

asdm (for the ASDM image)

...as noted in the guides linked above.

The FWSM is distinct from the standard ASAs in that way. You do not have to specify a boot image or ASDM image with a separate command.

baselzind · ‎11-01-2016

i found my ASDM have an upgrade option in the GUI , it seems much simpler and easier than CLI , but my question is :

1-do i upgrade the software and asdm on the standby fwsm then reload then make it primary

2-then upgrade the previous primary now secondary fwsm?

how to upgrade 2 failover FWSM?