Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
2
Replies

FWSM Aplication Software Upgrade

Go to solution
lm20ele
Level 1
Level 1

‎04-15-2010 08:14 AM - edited ‎03-11-2019 10:33 AM

I'm getting confused with the procedure on "Upgrading Failover Pairs to a new Minor or Major Relase" on Step 1 where it says "Download the new software to both units". How can I complete this step?. It is my understanding that I need to be on the system execution space if I have multiple contexts, which is my case, in order to perform the upgrade. I can ssh to the Admin Context and move into the system execution space but that will only take care of the active fwsm. which means the standby fwsm will not have the new software loaded and won't have the new IOS after the reboot.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/swcnfg_f.html#wp1042136

Help please.

Thanks

Luis

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-15-2010 03:26 PM

You should have access to both Active and Standby FWSM, whether it is through the switch "session slot proc 1" or if you SSH to both ip addresses of the fwsm (the active ip address, and the standby ip address).

In your case, you mentioned that you SSH to the active fwsm on the admin context, so you could do the same to the standby fwsm. Your configuration should have 2 ip addresses per interface.

For example:

interface vlan 200

     ip address 1.1.1.1 255.255.255.0 standby 1.1.1.2

So, 1.1.1.2 is the standby ip address that you can SSH to.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎04-15-2010 03:26 PM

You should have access to both Active and Standby FWSM, whether it is through the switch "session slot proc 1" or if you SSH to both ip addresses of the fwsm (the active ip address, and the standby ip address).

In your case, you mentioned that you SSH to the active fwsm on the admin context, so you could do the same to the standby fwsm. Your configuration should have 2 ip addresses per interface.

For example:

interface vlan 200

     ip address 1.1.1.1 255.255.255.0 standby 1.1.1.2

So, 1.1.1.2 is the standby ip address that you can SSH to.

0 Helpful

Go to solution
lm20ele
Level 1
Level 1
In response to Jennifer Halim

‎04-15-2010 03:37 PM

Hi halijenn,

You are absolutely right. I forgot I had configured that second IP address for the standby. I now understand.

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card