Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4521
Views
0
Helpful
7
Replies

Upgrading IOS on FWSM

Go to solution
Nachiappan Nachiappan
Level 1
Level 1

‎04-17-2011 07:19 PM - edited ‎03-11-2019 01:22 PM

Hi,

I am not much familar with FWSM. My main area of work is with routers and switches.

I need to upgrade the IOS on FWSM. Please clarify my question

·         When I did a “show boot device” on 6509 I don’t see any boot variable. Is that means, by default the FWSM boots from the cf:4 application partition  and we can upgrade the software to the current application partition ? [No need to use maintenance partition]

Helen#show boot device

Firewall Module [Mod: 2]:

·         Do we just copy the image from tftp/ftp to the device flash and reload the module ? if I do a show flash on the FWSM, it’s not showing the current software version.

fwsm# sh flash

flash file system:  version:3  magic:0x12345679

file 0: origin:       0 length:6390272

file 1: origin: 6390272 length:11490496

file 2: origin:17881088 length:40

file 3: origin:17881600 length:2863

file 4: origin:21085696 length:280

Where is the software version is stored on the FWSM.


Thanks

Nachi

Labels:
0 Helpful
4 Accepted Solutions

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-17-2011 07:41 PM

Yes, by default it boots from cf:4

What version of FWSM are you currently running and what are you going to upgrade it to?

You don't have to use the Maintenance partition to upgrade the FWSM, you can upgrade the FWSM from the FWSM console itself.

From the 6500 switch, please session into the FWSM, and you can check the version via "show version".

To upgrade the FWSM from the FWSM session itself:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/swcnfg_f.html#wp1042136

(Note: please kindly be advised that FWSM can only hold 1 image, so when you upload the FWSM image to the FWSM on flash, please name it "image", it will overwrite the existing image, and once you reload the FWSM, it will boot the newly uploaded image).

Eg: copy tftp flash:image

Hope this helps.

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-17-2011 08:12 PM

OK, great, just upgrade it directly from the FWSM itself.

copy tftp flash:image

Source file would be c6svc-fwm-k9.4-0-15.bin

Destination file would be image

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-20-2011 10:03 PM

No, there is no feature to check the MD5 check on FWSM.

The FWSM will automatically check to ensure the image is OK.

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-20-2011 10:28 PM

Thanks, please kindly mark the post as answered if you have no further question. Thank you.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-17-2011 07:41 PM

Yes, by default it boots from cf:4

What version of FWSM are you currently running and what are you going to upgrade it to?

You don't have to use the Maintenance partition to upgrade the FWSM, you can upgrade the FWSM from the FWSM console itself.

From the 6500 switch, please session into the FWSM, and you can check the version via "show version".

To upgrade the FWSM from the FWSM session itself:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/swcnfg_f.html#wp1042136

(Note: please kindly be advised that FWSM can only hold 1 image, so when you upload the FWSM image to the FWSM on flash, please name it "image", it will overwrite the existing image, and once you reload the FWSM, it will boot the newly uploaded image).

Eg: copy tftp flash:image

Hope this helps.

0 Helpful

Go to solution
Nachiappan Nachiappan
Level 1
Level 1
In response to Jennifer Halim

‎04-17-2011 08:06 PM

Thanks for your prompt response.

Please find the sh ver details below:

fwsm# sh ver

FWSM Firewall Version 4.0(3)
Device Manager Version 6.1(5)F

Compiled on Sun 19-Oct-08 02:53 by fwsmbld

fwsm up 23 days 15 hours

Hardware:   WS-SVC-FWM-1, 1024 MB RAM, CPU Pentium III 1000 MHz
Flash TOSHIBA THNCF128MBA @ 0xc321, 20MB

0: Int: Not licensed        : irq 5
1: Int: Not licensed        : irq 7
2: Int: Not licensed        : irq 11
........

I am upgrading to the version "c6svc-fwm-k9.4-0-15.bin" due to the bugs with the existing version.

Thanks

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-17-2011 08:12 PM

OK, great, just upgrade it directly from the FWSM itself.

copy tftp flash:image

Source file would be c6svc-fwm-k9.4-0-15.bin

Destination file would be image

0 Helpful

Go to solution
Nachiappan Nachiappan
Level 1
Level 1
In response to Jennifer Halim

‎04-18-2011 09:50 PM

Is it possible to do MD5 check on FWSM as we do for routers and switches ?

Thanks

Nachi

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-20-2011 10:03 PM

No, there is no feature to check the MD5 check on FWSM.

The FWSM will automatically check to ensure the image is OK.

0 Helpful

Go to solution
Nachiappan Nachiappan
Level 1
Level 1
In response to Jennifer Halim

‎04-20-2011 10:12 PM

Thanks Jennifer.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Nachiappan Nachiappan

‎04-20-2011 10:28 PM

Thanks, please kindly mark the post as answered if you have no further question. Thank you.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card