cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
454
Views
9
Helpful
4
Replies

PIX Software upgrade, versions

icenterhq
Level 1
Level 1

Hi

Is upgrade from 6.3.4 to 7.2.2 allowed and work well or i should upgrade like this: 6.3.4->7.0.x->7.1.x->7.2.x ?

in release notes for 7.2 i found:

The minimum software version required before performing an upgrade to PIX Version 7.1 is

PIX Version 7.0. If you are running a PIX version prior to PIX Version 6.2, you must first upgrade

to PIX Version 6.2 or PIX Version 6.3 before you can begin the upgrade to PIX Version 7.0.

no words about 7.2 :)

i think that 7.2 automaticaly convert my 6.3.x commands. I am right, am i ?

is any successfully stories about 6.3 to 7.2 upgrade (without 7.0 or 7.1 software) ?

4 Replies 4

srue
Level 7
Level 7

I did a bunch of 6.3(5) to 7.2(x) upgrades, but I did them differently than how you want to. I backed up my 6.3 config then installed a fresh image of 7.2 code. After that, I copied/pasted the old config section by section into the newly upgraded PIX. This might take a little longer (how long depends on the complexity of your current config), but in the end, you have a cleaner migration.

There are some instances where you can't simply copy/paste, so you will have to enter some commands such as the following:

interface config

conduits should be converted to ACL's

no more fixup commands

and vpn tunnel groups.

I believe if you copy/paste in existing vpn configs, the 7.2 code will automagically convert them to the new syntax for you...i think.

what about activation keys ? i have 3DES licenses. will 7.2.x use it ?

about VPN config i agree with you. i have only site-to-site and 7.2 automatically convert isakmp commands for VPN peer and passowrd for it. it converts it without info messages about it.

activation keys handle the upgrade just fine. as a precaution, copy down the key just in case. I once did a downgrade (albeit incorrectly) from 7.x to 6.x and it completely wiped out the activation key - which of course i hadn't thought of backing up.

i have updated two devices today. 6.3.4 to 7.2.2.

All 6.3.4 commands was auto-transferred correctly: interfaces, vpn config, etc.

maybe cisco fix upgrade docs about required OS version before upgrade to 7.2 ? :)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: