Preparing ASAPIX Security Appliance for Software Recovery


Preparing ASA/PIX Security Appliance for Software Recovery

You must now put the ASA/PIX Security Appliance in a mode so that you can configure it to use its TFTP download functions:

Step 1.

You must be first connect to the PIX via the console port. To do so, use a serial cable from your PC to the security appliance console port and use a terminal emulator such as HyperTerminal.

Step 2.

Set the HyperTerminal properties to use your PC serial port, the same as the parameters illustrated in Figure C-1.

Figure C-1. HyperTerminal Communication Settings


After you establish console connectivity, you must reboot your ASA/PIX Security Appliance by using the power switch. When the following output is displayed, press the Esc key on your keyboard.

 Cisco Secure PIX Firewall BIOS (4.2) #6: Mon Aug 27 15:09:54 PDT 2001 Platform PIX-515e Flash=E28F640J3 @ 0x3000000 Use BREAK or ESC to interrupt flash boot. Use SPACE to begin flash boot immediately. Reading 1921536 bytes of image from flash. 

After you enter the Monitor mode on the security appliance, you are ready to install the version 7 operating system and will see the following on your screen:

 Use BREAK or ESC to interrupt flash boot. Use SPACE to begin flash boot immediately. Flash boot interrupted. 0: i8255X @ PCI(bus:0 dev:13 irq:11) 1: i8255X @ PCI(bus:0 dev:14 irq:10) monitor> 

Now, you must complete the following steps to prepare the ASA/PIX Security Appliance to install the version 7 software:

Step 3.

Plug a crossover Ethernet cable between the Ethernet 0 port on your security appliance and the networking card on your PC.

Step 4.

Enter the following commands one at a time at the monitor prompt:

  1. Initialize Ethernet zero on your security appliance to prepare for the download:

     monitor> int 0 0: i8255X @ PCI(bus:0 dev:13 irq:11) 1: i8255X @ PCI(bus:0 dev:14 irq:10) Ethernet auto negotiation timed out. Ethernet port 0 initialized. 

  2. Configure the security appliance to know the IP address of your PC, which is the TFTP server:

     monitor> server 192.168.1.2 server 192.168.1.2 

  3. Configure the IP address of the security appliance Ethernet port:

     monitor> address 192.168.1.1 address 192.168.1.1 

  4. Define the name of the file that is to be uploaded from the PC's TFTP server. This should be the ASA/PIX version 7 image. In the example, you use pix70.bin, although Cisco might change this naming convention at any time:

     monitor> file pix70.bin file pix70.bin 

  5. Wait 5 to 10 seconds to ensure that the security appliance driver has bound to the hardware interface, and then verify that you have network connectivity between the appliance and your PC using the ping command:

     monitor> ping 192.168.1.2 Sending 5, 100-byte 0x1b03 ICMP Echoes to 192.168.1.2, timeout is 4 seconds: !!!!! Success rate is 100 percent (5/5) 

After pings are successful between the ASA/PIX Security Appliance and your PC, you are ready to start the procedure to upgrade to ASA/PIX version 7 and ASDM.



Securing Your Business with Cisco ASA and PIX Firewalls
Securing Your Business with Cisco ASA and PIX Firewalls
ISBN: 1587052148
EAN: 2147483647
Year: 2006
Pages: 120
Authors: Greg Abelar

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net