09-14-2010 11:14 PM - last edited on 03-25-2019 05:19 PM by ciscomoderator
Hi all,
i want to upgrade my IDSM-2 from 6.2(1) to 7.0(4).
my interface is promiscuous mode and inline highrisk Deny packet Inline is enable on it.
i want to know while upgrading process,
what will happen to packet flow?
is it gonna stop or go normal.
Bypass mode is Auto
Thanks,
Charanjit Singh
09-15-2010 05:51 AM
Packet will flow as normal during upgrade as the IDSM is in promiscuous mode. Upgrade also requires a reboot as well.
09-15-2010 04:18 PM
Thanks helijenn for your reply,
i am concern about what would be the rollback process if something goes wrong while upgrading.
like i mean how to get back to 6.2(1)E3 if something goes wrong.
09-15-2010 04:22 PM
You can reimage the IDSM back to version 6.2.1(E3), however, we don't see many issues with upgrade to version 7.0.
I would suggest that you take a backup copy of your configuration prior to upgrade.
09-15-2010 05:20 PM
can you please explain process of system reimaging.
because i lost in the concept of application and maintenance partition
Thanks
09-15-2010 05:26 PM
Here is the steps to reimage IDSM for your reference:
http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/cliimage.html#wp1031426
Hope that helps.
09-15-2010 05:45 PM
after doing system re-imaging.
do i really need to do last step initialisation of IDSM using setup command or i can use copy command to upload my backup config to current config.
will it solve all problems???
09-15-2010 05:54 PM
Here is the difference between upgrade and reimage:
Upgrade - configuration will be kept as it is.
Reimage - configuration will be wiped out, and you would need to reconfigure the IDSM at least running the setup command for basic network connectivity.
Please do not reimage the IDSM unless it is necessary.
If you are trying to upgrade the IDSM, please use the upgrade file to upgrade it, and if and only if the upgrade fails, that is when you would need to perform system reimage.
09-15-2010 06:14 PM
yeah i got what u mean,
but in our organization we can't make changes without knowing the full rollback procedure.
and one last question,
when i go to cisco to download files
IPS Manager Express (IME) Software
Intrusion Detection System (IDS) Recovery Software
Intrusion Detection System (IDS) Signature Updates
Intrusion Detection System (IDS) System Software
Intrusion Detection System (IDS) System Upgrades
Intrusion Prevention System (IPS) Recovery Software
Intrusion Prevention System (IPS) Signature Updates
Intrusion Prevention System (IPS) System Software
Intrusion Prevention System (IPS) System Upgrades
please correct me if i am wrong.
System software are system images.
sytem upgrades are like engine upgrades,
Signature updates are normal singnature update on specific engine.
What is the difference between IPS and IDS files.
and where and when we use recovery software
TIA
09-15-2010 06:43 PM
Yes you are absolutely right.
IDS is the older version of software, you can disregard that section.
Here is the explaination on recovery file:
http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/cliimage.html#wp1030707
09-15-2010 08:06 PM
the doc you send me contain information regarding downgrade command,
can we use downgrade command to roll back to 6.2(1) if something goes wrong while upgrading
http://www.cisco.com/en/US/docs/security/ips/5.0/configuration/guide/cli/cliimage.html#wp1044573
thanx
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide