Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4375
Views
10
Helpful
5
Replies

How to upgrade the fwsm image from 3.1(10) to 4.0(8).

madhusudhan s
Level 1
Level 1

‎01-12-2010 07:07 AM - edited ‎03-11-2019 09:56 AM


Hi all,

I need to upgrade the fwsm image from 3.1(10) to 4.0(8). Can i do it directly from 3.1(10) to 4.0(8) ?

Do i need to upgrade other image also along with Firewall version 4.0(8)?


FWSM# sh ver

FWSM Firewall Version 3.1(10)

Device Manager Version 6.1(5)F

Compiled on Mon 21-Apr-08 17:43 by fwsmbld

FWSM up 2 days 15 hours

failover cluster up 2 days 15 hours

Hardware: WS-SVC-FWM-1, 1024 MB RAM, CPU Pentium III 1000 MHz

Flash STI Flash 8.0.0 @ 0xc321, 20MB

0: Int: Not licensed : irq 5

1: Int: Not licensed : irq 7

2: Int: Not licensed : irq 11

The Running Activation Key is not set, using default settings:

Licensed features for this platform:

Maximum Interfaces : 256

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Cut-through Proxy : Enabled

Guards : Enabled

URL Filtering : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

VPN Peers : Unlimited

Serial Number: SAD125004FT

Running Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000

Configuration last modified by enable_15 at 18:58:52.627 IST Mon Jan

11

2010

Regards

Madhu

Labels:
0 Helpful
5 Replies 5

Panos Kampanakis
Cisco Employee
Cisco Employee

‎01-12-2010 01:16 PM

Yes, you can upgrade from 3.1 to 4.0.

Make sure you have downtime though and if you have failover that the FWSMs are not running 3.1 and 4.0 at the same time.

I hope it helps.

PK

Kureli Sankar
Cisco Employee
Cisco Employee
In response to Panos Kampanakis

‎01-12-2010 07:50 PM

Madhu,

If this is a failover pair then pls. follow this link.  zero downtime upgarde is not supported when doing a major upgrade.

once you get the code onto the blades "copy tftp flash:image" you can follow this link:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/configuration/guide/swcnfg_f.html#wp1064232

You already have the latest ASDM so, no need to upgrade that.

-KS

madhusudhan s
Level 1
Level 1
In response to Kureli Sankar

‎01-15-2010 04:15 AM

Hi,

Is it application partition or maintainance partion where we need to upgrade the image from 3.1(10) to 4.0.8.

Reagrds

madhu

0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to madhusudhan s

‎01-15-2010 05:19 AM

Application partitiion is what you will be upgrading from 3.1.(10 to 4.0(8).

MP - maintenance partition is supposed to be 2.1.2 or above which is the same requirement for 3.1.x so, you will be good there.

Pls. check the compatibility with the swtich code in this 4.0.8 Release Note link:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/release/notes/fwsmrn40.html

Pls. check the chassis system requirement in the above link.

commands you will need are:

copy tftp flash:image

copy tftp flash:asdm

falsh:image for OS and flash:asdm if you will be upgrading the asdm as well.

-KS

Norberto Salgado
Level 1
Level 1
In response to Kureli Sankar

‎04-17-2012 04:23 AM

Hello KS,

in the upgrade from 3.1 to 4.0.x, the nat-control feature is mantained?

Thank you.


Best regards,

Norberto

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card