[c-nsp] FWSM upgrade

Tony Varriale tvarriale at comcast.net
Thu Mar 31 16:05:16 EDT 2011 

On 3/31/2011 1:29 PM, John Snow wrote:
> Hi I am fairly new to fwsm, but what I need to do is upgrade from 3.1 to a 3.2 release.
>
> I don't have a spare blade to test this on so I will be upgrading on prod on the fly. I am putting a plan together before I make the change to avoid as much downtime as possible.
>
>
> I would like to boot into cf:5, load the image and config, make sure everything is working as expected and then either load new image and config into cf:4 or copy the image and config from cf:5 into cf:4 and then boot from cf:4 again.
>
>
>
> 1.       Configure vlan1 on msfc
>
> interface Vlan1
>   description **in shutdown mode normally** li1  ten-193-9  10.193.9.0 /24   rsvd fwsm rom-boot cf:1 vlan 1 ip gw ->  ftp relay.sait
>   ip address 10.193.9.254 255.255.255.0
> end
>
>
> 2.        Boot into maintenance partition
>
> #hw-module module 9 reset cf:1
>
>
> 3.       Console session into fw
>
> sess slot 9 proc 1
>
>
> 4.       Configure ip address/sm/gw
>
> root at localhost.localdomain#ip<mailto:root at localhost.localdomain#ip>  address 10.193.9.1 255.255.255.0
> root at localhost.localdomain#ip<mailto:root at localhost.localdomain#ip>  gateway 10.193.9.254
>
> make sure I can ping ftp server
>
> root at localhost.localdomain#ping<mailto:root at localhost.localdomain#ping>  142.110.254.131
>
>
>
> 5.       ftp image into flash cf:5 partition
> root at localhost.localdomain#upgrade<mailto:root at localhost.localdomain#upgrade>  ftp://user:pw@142.110.254.131/C6SVC-FWM-K9-3-1-1.BIN cf:5
>
> Application image upgrade complete. You can boot the image now.
> root at localhost.localdomain#exit<mailto:root at localhost.localdomain#exit>
>
>
> 6.       boot into cf:5
> #hw-module module 9 reset cf:5
>
>
> 7.       load avtivation key
>
> FWSM(config)# activation-key df9f1b5a 38203d9f 1a65ca81 3920ba83
>
>
>
> Now at this point I have an image in cf:5, but no configuration yet.  This is where I am a bit stuck. I need to load/copy image into cf:5 - test - then move the image and config back into cf:4.
>
>
> Any help would be appreciated.
>

I would save my config, load the software then reload.  3.1x to 3.2x 
isn't anything big.  If you are already on 3.1 you have the correct 
maintenance software.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/upgrade/guide/fwsm31up.html#wp2070189

tv

More information about the cisco-nsp mailing list