Solved: PIX 515 Keeps Reloading

Gerard Roy · ‎02-06-2008

I have a Pix firewall with an UR license and it has Active/Active Failover. When I connect via console, it appears to be continuously reloading and cannot be interrupted. Only when I do esc while it's rebooting can I get the monitor> prompt. I have to enter all the monitor variables "server, addr, interface, file, Etc.." and then type TFTP and it loads the version 7 or 8 code and comes up. Problem is If I reboot it is back to square one. I have reset to factory and it still does it. Please see attached File. What is strange is that once I load the image from monitor mode, it all works well.

husycisco · ‎02-07-2008

You are welcome Jerry.

Please do not forget to rate the post and choose "resolved my problem" which was helpful and resolved your problem.

Regards

View solution in original post

husycisco · ‎02-06-2008

Hi Jerry

Attached file contains the boot process breaked by ESC, imaged then booted via RAM output. The essential output for us to analyze is, power up PIX, let it reboot itself, then copy the output to a txt file.

At first look, a very easy step looks missing. You tftp the image, image is in RAM atm and boot itself from there. If you now reboot PIX, data in RAM will be lost, and device wil get into a reboot loop indicating no valid IOS to boot.

When IOS comes up after you tftp, simply issue the following command to write it to permanent flash

write mem

Regards

Gerard Roy · ‎02-06-2008

Hi Husy,

It will not boot apart from me forcing it to go into monitor mode. All it does is this process over and over:

Cisco Secure PIX Firewall BIOS (4.0) #0: Thu Mar 2 22:59:20 PST 2000

Platform PIX-515

Flash=i28F640J5 @ 0x300

Use BREAK or ESC to interrupt flash boot.

Use SPACE to begin flash boot immediately.

Reading 123392 bytes of image from flash.

Cisco Secure PIX Firewall BIOS (4.0) #0: Thu Mar 2 22:59:20 PST 2000

Platform PIX-515

Flash=i28F640J5 @ 0x300

Use BREAK or ESC to interrupt flash boot.

Use SPACE to begin flash boot immediately.

Reading 123392 bytes of image from flash.

Cisco Secure PIX Firewall BIOS (4.0) #0: Thu Mar 2 22:59:20 PST 2000

Platform PIX-515

Flash=i28F640J5 @ 0x300

Use BREAK or ESC to interrupt flash boot.

Use SPACE to begin flash boot immediately.

Reading 123392 bytes of image from flash.

Cisco Secure PIX Firewall BIOS (4.0) #0: Thu Mar 2 22:59:20 PST 2000

Platform PIX-515

Flash=i28F640J5 @ 0x300

cisco24x7 · ‎02-06-2008

Do this:

1- hit ESC to interrupt flash boot,

2- do whatever you need in your original post,

3- one the pix up and running, do:

a- format flash:

b- copy tftp flash:

now copy pix 7.x or 8.x code from tftp

server to flash:

4- wr mem

5- reload

now your pix will boot up normally.

When you do from monitor mode, the image will

NOT be saved into flash.

CCIE Security

Gerard Roy · ‎02-07-2008

I have done this exact process - Twice. Once with pix723.bin and once with pix803.bin. I even when so far as to do a verify of the files before the reload. Any other ideas?

Gerard Roy · ‎02-07-2008

Is there a config-register setting on a PIX?

husycisco · ‎02-07-2008

I see. So what happened when you issued wr mem command when IOS loads up successfully right after your tftp?

cisco24x7 · ‎02-07-2008

"wr mem" has nothing to do with saving

the Pix 7.x/8.x image into the flash:

the point I am trying to make here is that

if you upgrade the Pix from monitor mode to

7.x or 8.x from 6.x code, the image will NOT

be saved into the flash initially, only in

memory. During the upgrade, you will see

a big banner from Cisco that will tell you

so.

CCIE security

husycisco · ‎02-07-2008

Jerry,

It looks like the answer is in the question itself. The following line from your output

Reading 123392 bytes of image from flash

I dont know a valid IOS which is 123K. So make sure you have the correct IOS file, it should be at least 5MB. If you are sure that your IOS is above 4-5MB, then please follow the steps below in their respective order.

1)Boot in monitor mode by pressing ESC during bootup

2)tftp the IOS and let the device boot itself from memory. Then issue the following command exactly.

copy tftp://tftpserverip/imagename.bin flash:image

3)Type dir and it will list you the current files in flash. Make sure byte count is correct

4) Now issue the following in respective order

boot system flash:image

wr mem

reload

Make sure you downloaded the IOS from Cisco using your CCO account

Regards

husycisco · ‎02-07-2008

I checked my PIX, it reads the same amount of byte. It must be the boot loader part not the IOS. Anyway, please take the steps exactly and post the results.

Gerard Roy · ‎02-07-2008

Like I said - I have already done a verify on the file and the hash matches so it is not corrupt. I kept seeing the '123392 bytes of image from flash" and that had me concerned thus the question regarding a config-register. Any other Idea's?

Gerard Roy · ‎02-07-2008

Here is the sh flash, dir, sh run and sh ver from the PIX.

husycisco · ‎02-07-2008

config-register is only available in ASA and routers as far as I know.

did you try boot system flash:image ?

I have one last suggestion that I perform hardly ever (took 10 minutes to find the file in my resources :) , It maybe a corrupt flash if this does not work.

1)Pull your config file from PIX to tftp server

2)Power down your PIX, unplug all cords (including failover cord if you have the interface) except power and interface that you will tftp.

3)Download the attached file to your tftp server

4)Power up your PIX, then enter monitor mode. Tftp the erasedisk622.bin

5) Say yes to erase disk question. After it completes, follow the steps in their respective order in my previous post again

Gerard Roy · ‎02-07-2008

SUCCESS!!!!!

What ever that little file was it worked. Thanks to everyone on this forum who offer input.

Sweet!

husycisco · ‎02-07-2008

You are welcome Jerry.

Please do not forget to rate the post and choose "resolved my problem" which was helpful and resolved your problem.

Regards