cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
409
Views
0
Helpful
3
Replies

Cannot ping inside i/f from pix iteslf & cannot tftp from server to Pix

peter-net
Level 1
Level 1

We have Pix 525 (in a test lab non prod). I am trying to tftp a new OS image (6.3.5). It is currently running 6.3.3. to do this I am in monitor mode on the Pix (You have to be in monitor mode to do this). I can ping my laptop FROM the firewall (which is connected to the inside i/f). I CANNOT ping the inside i/face from the Pix itself and I cannot ping the inside firewal i/f from the laptop. All netmasks are correct. The tftp process also fails (which I assume is due to the weirdness about not being able to ping the inside firewall interface from the Pix itself. Any guidance welcomed as I am flumoxed. Theres loads of memory. The cable is ok as it pings ok (albeit in one direction) - thanks peter@it-123.co.uk

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

Peter,

I have not worked with 525 models but why do you need to be in monitor mode to upgrade code. You can upgrade the code from PIX normal mode by simply configuring your laptop-tftp server in same subnet as your PIX inside interface use a hub or switch to connect both.

PIX#copy tftp flash:image

pix#copy tftp flash:pdm

the reboot the pix..

now if you are in monitor mode, don't need to specify gateway in laptop tctip settings if both in same network.

e.g

mon>interface 1

mon>address 10.10.10.1 <-for interface1

mon>server 10.10.10.2 <-for labtop-tftp

try pinging laptop form pix and vice versa

then specify code filename

mon>file pixcode.bin

>tftp

is all here

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a5d.shtml#upbootormon

Jorge Rodriguez

abinjola
Cisco Employee
Cisco Employee

thats By design, you cannot ping from TFTP to a monitor interface, only from pix to tftp

Connect a tftp directly to the pix interface, GIG ethernet are not initialised in ROMmode therefore use a fastethernet Interface to connect to tftp and follow the normal ROM mode procedure

it should work fine !!

BEWARE CISCO SECURITY AGENT ON YOUR TFTP SERVER! Fixed now - thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: