07-09-2007 11:57 PM - edited 03-11-2019 03:42 AM
I want to upgrade a failover pix 535 bundle with 6.3(3) to 7.2 but I do not have enough memory in the flash, can anyone tell me how to go about this.
Also the flash directory layout is not clear. If I do dir flash or sh flash, the name of the files are not display, please see below
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1941560
file 1: origin: 1966080 length:15467
file 2: origin: 2097152 length:1933
file 3: origin: 2228224 length:3152452
file 4: origin: 0 length:0
file 5: origin: 8257536 length:308
Which files can I delete to have more space on the flash.
Thanks
07-10-2007 11:19 AM
Hello Simi,
You PIX is perfectly fine for upgrade. Please refer to following link-
"PIX 525 and PIX 535 Minimum Memory Requirements"
http://www.cisco.com/en/US/docs/security/asa/asa70/pix_upgrade/upgrade/guide/pixupgrd.html#wp1802378
Refer to following link for upgrade procedure-
http://www.cisco.com/en/US/docs/security/asa/asa70/pix_upgrade/upgrade/guide/pixupgrd.html#wp1921265
Here is explanation of your current flash:
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1941560 -PIX Binary Image
file 1: origin: 1966080 length:15467 -PIX Config
file 2: origin: 2097152 length:1933 -IPSec data
file 3: origin: 2228224 length:3152452 -PDM Binary Image
file 4: origin: 0 length:0 -Crashinfo file
file 5: origin: 8257536 length:308 -Filesystem record
Hope this helps.
Regards,
Vibhor.
07-11-2007 02:08 AM
Hi Vibhor,
I followed the Cisco upgrade procedure yesterday in monitor mode, no joy, after entring the address ip, server ip then try to ping the server IP from monitor mode, it was abortive. I can ping the server IP address when the PIX is in enable mode but can not ping the server when in monitor mode. As Cisco advice "If you are upgrading from an existing PIX 515 or a PIX 535 with PDM installed, you MUST upgrade from monitor mode.
I have PDM installed on the pix 535.
How can I remove the PDM from the flash and upgrade the PIX in a normal mode?
what command do i need to use to delete the PDM Binary Image?
I have 16 MB flash in my PIX, below is the flashfs on my PIX, I believe if I can remove the PDM Image of 3M on my flash, I should be able to get the Image on my Pix, at the moment if I do copy tftp flash, the PIX will tell me insufficient space on my flash. Removing the PDM image will do the job
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1941560
file 1: origin: 1966080 length:15739
file 2: origin: 2097152 length:1933
file 3: origin: 2228224 length:3152452
file 4: origin: 0 length:0
file 5: origin: 8257536 length:308
Please tell me how to remove the PDM image. I dont need it since I will be using the Cisco ASDM that come with the 7.2(2).
Thanks
07-11-2007 03:44 AM
Hello,
Unfortunately, once you have PDM installed, theres no way to delete/uninstall it so you don't have to go to monitor mode to upgrade.
Make sure that when in monitor mode you've specified a gateway and can ping that. If you can't, try changing the interface being used. If I remember correctly, you *have* to use one of the fast ethernet interfaces, not the gigabit, in order for this to work (monitor mode isn't smart enough to use gigabit ethernet)
Simples way may be to bring your laptop out to the firewall and hook it up via cross-over cable to a fast ethernet interface (if you're using gigabit and not the fast ethernet interfaces) and do it that way.
--Jason
Please rate this message if it helped solve some/all of your issue or question.
07-11-2007 05:37 AM
Hi Jason,
Thanks for your advice, that's right Cisco said you need to use interfaces from slots 4 to 8 from bus 2. I tried that, it did not work.
When I was at the monitor mode I typed the following
interface 4, the Pix return with this info.
please use interface 0 or 1
if I type interface e4, the pix return with a timeout message
If I type
interface 1, the pix accept this and I do the following from monitor mode
address 192.168.83.1
server 192.168.83.6
"server is directly connected to Pix interface 1"
ping 192.168.83.6
The ping fail. If the ping fail I can not do tftp.
Can I ask you this question, when you are in the monitor mode, does this pix still uses its running config or it should take and use the ip address had entered in the monitor mode?.
From your reply, you said once PDM installed, there is no way to delete/uninstall this. What does these command do:
flashfs downgrade 5.x
If I want to format the flashfs, what command do I need to use.
Thanks
07-11-2007 10:12 AM
Hello Simi,
Jason is correct in saying that there is no official way of deleting PDM once installed, but I have a workaround for you .. :-) Its not documented anywhere but it works.
Here is the procedure on how you can delete the PDM file from your PIX-
- You need a valid PDM image
- A TFTP server, which you already have.
(In the procedure below, refer to my comments marked by ##)
pix(config)# sh flash
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1978424
file 1: origin: 2097152 length:6961
file 2: origin: 2228224 length:8506
file 3: origin: 2359296 length:3152452
file 4: origin: 5636096 length:131072
file 5: origin: 8257536 length:308
pix(config)# copy tftp flash:pdm
Address or name of remote host []?
Source file name []?
copying tftp://192.168.16.25/pdm-304.bin to flash:pdm
[yes|no|again]? yes
## Executing above will first start erasing the PDM image.
Erasing current PDM file
Writing new PDM file
## As soon as you see the writing message, shut down you TFTP application
!!!tftp: Timed out during transfer
Erasing partial PDM file
PDM file not installed.
## Now check your flash and PDM is gone.
pix(config)# sh flash
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1978424
file 1: origin: 2097152 length:6961
file 2: origin: 2228224 length:8506
file 3: origin: 2359296 length:0
file 4: origin: 5636096 length:131072
file 5: origin: 8257536 length:308
Now you may try upgrading directly from enable mode. Apart from this, here is the answer to your question "when you are in the monitor mode, does this pix still uses its running config or it should take and use the ip address had entered in the monitor mode?."-
Monitor mode does not use the settings from the running config. It uses the IP address you specify when in monitor mode.
I hope this helps.
Regards,
Vibhor.
07-12-2007 12:17 AM
Hi Vibhor,
Thanks for your advice, from the output below, I carried out the task you asked me to perform, that worked you can see from my sh flash command that I have nothing in the pdm flash partition, after doing this I tried to copy the pix722.bin file and I am still having problem doing this, I get "Insufficient flash space available for this request" error.
Also remember I have 16M flash, is this the problem? Looking at the flash, I hardly have up to 2.5M of data in it and the Pix Image is like 8M which I think the flash should be sufficient to hold it.
This is in an Active/Standby mode setup and I am working on the Standby pix, but it's not in production yet, want to upgrade these pix's before going into production.
What is the way forward please.
Thanks
pix# sh flash
flash file system: version:3 magic:0x12345679
file 0: origin: 0 length:1941560
file 1: origin: 1966080 length:15786
file 2: origin: 2097152 length:1933
file 3: origin: 2228224 length:0
file 4: origin: 0 length:0
file 5: origin: 8257536 length:308
pix# copy tftp flash
Address or name of remote host [0.0.0.0]? 192.168.83.8
Source file name [cdisk]? pix722.bin
copying tftp://192.168.83.8/pix722.bin to flash:image
[yes|no|again]? yes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
OUTPUT SURPRESSED
Received 8312832 bytes
Erasing current image
Insufficient flash space available for this request:
Size info: request:8224824 current:1941560 delta:6283264 free:6029312
Image not installed
pix#
07-18-2007 12:56 AM
I am really disappointed that non of the Cisco firewall guru can look into this problem and solve it. The problem has been outstanding for days now and no update yet. If this can not be looked into/solved please close the call.
07-18-2007 08:16 PM
Hello,
The problem is that in the 6.x version of code it only recognizes the first 8 megs of flash. Even erasing PDM, that only leaves you with 6 meg free - and the 722 image is over 8 megs, so it's not going to work.
Try using pix701 code which is smaller (5 megs) and should work, assuming you have 6 megs actually free. Then upgrade from there (7.x code recognizes the 16meg of flash) to 7.22
--Jason
Please rate if this helped solve some/all of your issue.
07-19-2007 12:01 AM
if pix in monitor mode, OS not loaded and config not parsed. you must enter ip\server\filename\gateway for software upgrade.
after that new OS will parse config. after you check\fix config you must upload new OS to the flash and set system boot image.
i upgrade 4 pix 515E about 2 weeks ago, all with PDM installed. One of them was upgraded via internet. Stuff in office connect PC with freebsd to the pix console and freebsd was connected to the internet. Image was uploaded from inside interface via TFTP.
03-10-2009 09:44 AM
I ran into this when trying to take my PIX 525 from 6.3(5) to 8.0. Wasn't making sense because the device has the required 16MB flash, but it wasn't working. During the intial reboot in the upgrade process the new code rewrites how it addresses and uses flash and allows you to use a flash amounts greater than 8MB, but before that on 6.3(5) I believe you can only use 8MB chunks.
You might check to make sure you're using PIX code 7.0/8.0 code and not ASA 7.0/8.0, which was my issue. I know better but for some reason it wasn't clicking that the code would be specific to the firewall hardware. Also the PIX code stays under 8MB while the ASA includes more bloat that gets it up into the 14MB.
You'd think if you're using the wrong code that it would tell you, but it does not, at least on 6.3(5). It simply says insufficient memory. However on newer releases it does state image not valid for platform.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide