PIX downgrade basic question

Unanswered Question
Feb 1st, 2007

Hi friends,

I am planning to upgrade from PIX 6.3(1) to 7.0.

But if I wish to downgrade later for some reason, I need the old PIX 6.3(1) image again. Right? But cisco.com's site has only 6.3(5). Can I use the downgrade command to downgrade to 6.3(5) when the actual previously installed version is 6.3(1)?

Or do i need to upgrade first to 6.3(5), then to 7.0, then be able to use the downgrade command to downgrade to 6.3(5)?

Please advise.

thanks a lot


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
talisman1310 Thu, 02/01/2007 - 04:59

You can tftp the 7.0 image and set the boot vaiable to the 7.0 image and restart the firewall.If you require to downgrade you can restore the earlier image by changing the boot var.

gautamzone Thu, 02/01/2007 - 07:53

Thanks a lot. I thought that upgrading to PIX will delete the previous image. Hence I need to have the previous image to be able to downgrade.


deangeloj Sat, 02/03/2007 - 11:09

Do not load an older version of the PIX OS once you've upgraded to 7.x

From the 7.0 release notes:

Downgrade to Previous Version

To downgrade to a previous version of the operating system software (software image), use the downgrade command in privileged EXEC mode.

For more information and a complete description of the command syntax, see the Cisco Security Appliance Command Reference.


Caution Do not load a previous version of software if your PIX security appliance is currently running PIX Version 7.0 or later. Loading a software image from monitor mode, on a PIX security appliance that has a PIX Version 7.0 file system, results in unpredictable behavior and is not supported. We strongly recommend that you use the downgrade command from a running PIX Version 7.0 image that facilitates the downgrade process.


This Discussion