cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2470
Views
0
Helpful
11
Replies

Upgrading FWSM

dhamm
Level 1
Level 1

I have two 6509 with two FWSM in failover active/standby. After breaking the failover ( no failover on active side) the standby unit goes to pseudo failover.

Now I want to upgrade the failover unit( not the maintenance partition but the IOS )  and I do not know how to assign an IP address to the fwsm.

I can not place nameif.... or ip address......

Can anybody tell me how to assign an IP address to the FWSM in pseudo failover status?

2 Accepted Solutions

Accepted Solutions

Hi,

can you tell me what is the current IOS is running in your FWSM.because it depends on the current IOS version

If you are running 3.x then the upgradation method is different than 4.x

regards

karuppu

View solution in original post

Hi,

Create one new L2 vlan in 6500 Switch, then assign the new vlan into the FWSM module.


Now this new L2 vlan will be assigned to FWSM module, then assign primary IP address and standby IP address as well.

Make the necessary routing for this new IP segment.

Now try ping this both primary IP address and secondary IP address and use this new IP address to upload the new image

regards

Karuppu

View solution in original post

11 Replies 11

Kureli Sankar
Cisco Employee
Cisco Employee

Now sure why you disabled failover.

Here is the link: http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/configuration/guide/swcnfg_f.html#wp1064044

If you are doing a major upgrade I would get the code on both units and

1. reload the secondary standby

2. issue fail active on the secondary

3. then reload the primary (now standby)

4. then fail back to the primary - optional

or just reload them both like 30 seconds apart.

-KS

Hi,

but that is my problem how to get the code on both maschines?? And I am trieying to install a major upgrade!

Regards

Hi,

You have to download the FWSM IOS from cicso portal.

Since you are running active/standby failover , find the article that upgrading ios form 3.x to 4.x.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/swcnfg_f.html#wp1057450

regards

Karuppu

Hi Karuppu,

thank you for answering, I already downloaded the image. I read the links also an I saw how to assign an IP adress, but if i try to execute e.g

FWSM(config)# int vlan666  =>> try to create a new vlan
FWSM(config-if)# ip add
FWSM(config-if)# ip add? =>>  but not able to assign IP address
ERROR: % Unrecognized command

I can not assign an IP address to the fwsm?

Can you pl advise?

regards

Hi,

Since you are using active/standby failover,there will be two IPs.One IP will be assigned to Primary FWSM and other is Secondary FWSM and you should be able to ping both IP address as well.

So, no need to create any new VLAN. Use the existing IP address to upload your IOS into FWSM and then follow the steps to reboot with zero downtime.

regards

Karuppu

Hi Karuppu,

I see what you mean but this is a net with only two hosts ( 255.255.255.252 ) so not possible to use for upload. that's why i try to assign a new vlan.

regards

Hi,

Create one new L2 vlan in 6500 Switch, then assign the new vlan into the FWSM module.


Now this new L2 vlan will be assigned to FWSM module, then assign primary IP address and standby IP address as well.

Make the necessary routing for this new IP segment.

Now try ping this both primary IP address and secondary IP address and use this new IP address to upload the new image

regards

Karuppu

Hi,

it works, many thanks and regards!

Hi,

Always welcome Man...

I am happy to help my cisco support form friends.

Regards

Karuppu

Hi,

can you tell me what is the current IOS is running in your FWSM.because it depends on the current IOS version

If you are running 3.x then the upgradation method is different than 4.x

regards

karuppu

Hi,

running 3.x and trying upgrade to 4.x

regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: