Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
312
Views
5
Helpful
5
Replies

cannot upgrade PIX515UR from 6.3 to 7.0 in monitor mode

nlariguet
Level 1
Level 1

‎03-18-2006 09:52 PM - edited ‎03-09-2019 02:19 PM

issue # 1: Cannot upgrade PIX515UR from 6.3 to 7.0 in monitor mode

Monitor mode required because there's no enough memory to do it in normal mode.

I am experiencing the same problems as seen on another post but I can't getting working for me:

http://forum.cisco.com/eforum/servlet/NetProf;jsessionid=n9v6ligfz1.SJ1B?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1dda062b/1#selected_message

First and foremost, there's only one Intel SE7525GP2 workstation connected to the inside port on the firewall through a 3Com Office Connect Gigabit 8 switch (to enable auto-negotiation as advised) and no other computers/devices are present on the network and the firewall is currently without an outside connection (that is, until the OS can be upgraded). The workstation is running Windows 2003 and has the SolarNet TFTP Server running (which works perfectly on firewall normal mode).

To begin with, the firewall was reset to factory-default configuration with write erase and reload commands.

Address configuration (in monitor mode) is as follows [address] [mask] [gateway]:

firewall on [192.168.1.1] [] [192.168.1.1]

workstation on [192.168.1.3] [255.225.225.0] [192.168.1.1] (no DNS) (no Windows firewall) (the network adapter is an Intel Pro/1000 integrated on the motherboard)

If I ping from the firewall to server it's all OK.

If I ping from the server to the firewall only time-out's are reported.

If I the firewall address is changed to, say, 192.168.1.2 keeping the same 192.168.1.1 gateway all remains the same.

If no gateways are specified on both ends all remains the same.

I suppose that's why the TFTP Server report time-outs all the time and the firewall freezes (until I hit ESC) after issuing the TFTP command to initiate the image file transfer.

Please advise.

By the way: can PDM be uninstalled/removed/deleted from the firewall freeing space which will result on more memory thus allowing the OS upgrade to be done from normal mode ? Just curious about it.

issue # 2:

Let's suppose I get the OS (and ASDM) upgrade done.

How should I configure the outside interface to work with a cable modem with a dynamic IP assigned by my provider ?

I would like to keep the 192.168.1.x scheme from my internal network and has the outside assigned dynamically by the provider as usual.

maybe ip address outside dhcp ?

Thanks.

initial configuration provided on setup after clearing to factory-default:

The following configuration will be used:

Enable password: <my-password>

Clock (UTC): 01:33:00 Mar 19 2006

Inside IP address: 192.168.1.1

Inside network mask: 255.255.255.0

Host name: firewall

Domain name: LV-426

IP address of host running PIX Device Manager: 192.168.1.3

config terminal

pager lines 100

username Nacho password <my-password> privilege 15

show version

Cisco PIX Firewall Version 6.3(1)

Cisco PIX Device Manager Version 3.0(1)

Compiled on Wed 19-Mar-03 11:49 by morlee

firewall up 1 min 25 secs

Hardware: PIX-515, 128 MB RAM, CPU Pentium 200 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 0004.2746.95ba, irq 11

1: ethernet1: address is 0004.2746.95bb, irq 10

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Disabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has an Unrestricted (UR) license.

Serial Number: 481030818 (0x1cabf2a2)

Running Activation Key: xxxxx

Configuration last modified by at 06:28:16.000 UTC Thu Feb 7 2036

Labels:
0 Helpful
5 Replies 5

sebastan_bach
Level 4
Level 4

‎03-20-2006 11:33 AM

hi there i had the same issue. i got it. the problem is not with the pix it's with the windows 2003 . even i couldn't upgrade in the monitor mode.use a windows xp pc and things will work perfectly fine. it this solves ur issue then pls rate it. thank and bye

sebastan

nlariguet
Level 1
Level 1
In response to sebastan_bach

‎03-25-2006 08:04 PM

I was out for the whole week. On Monday I will have access to an XP machine and check if it is Windows 2003 causing the trouble as you suggested.

By the way; I am upgrading from monitor mode because there's not enough flash memory to do it in normal mode, and I'm wondering if it's possible to make some space, for example, can the PDM 3 be removed ? It's obvious after I successfully upgrade OS to 7 I will place the newer ASDM. Another example: I noted flashfs command reports a 3 MB file holding "downgrade info". I won't need it, I don't see the point to have an older version, I want the last, can I delete it ?

Just wonder.

Thanks.

0 Helpful

nlariguet
Level 1
Level 1
In response to sebastan_bach

‎04-07-2006 01:16 PM

YOU WERE QUITE RIGHT: I was finally able to upgrade to 7.0.4 in monitor mode from an XP machine and not from a Windows 2003 Server one. It seems there's something on the monitor mode incompatible with Windows 2003 installations.

0 Helpful

nlariguet
Level 1
Level 1
In response to sebastan_bach

‎04-07-2006 01:22 PM

I cannot find the way or the option to rank your response, how do I ?

0 Helpful

keyvansadeghi
Level 1
Level 1

‎04-10-2006 12:42 AM

Hi,

I had a similar problem with tftp. It turned out my flash drive was faulty. Could delete files and copy the same files back to the drive (sometimes) but everything else just gave tftp errors.

RMA

0 Helpful
Customers Also Viewed These Support Documents