Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cannot ping inside i/f from pix iteslf & cannot tftp from server to Pix

We have Pix 525 (in a test lab non prod). I am trying to tftp a new OS image (6.3.5). It is currently running 6.3.3. to do this I am in monitor mode on the Pix (You have to be in monitor mode to do this). I can ping my laptop FROM the firewall (which is connected to the inside i/f). I CANNOT ping the inside i/face from the Pix itself and I cannot ping the inside firewal i/f from the laptop. All netmasks are correct. The tftp process also fails (which I assume is due to the weirdness about not being able to ping the inside firewall interface from the Pix itself. Any guidance welcomed as I am flumoxed. Theres loads of memory. The cable is ok as it pings ok (albeit in one direction) - thanks peter@it-123.co.uk

3 REPLIES

Re: Cannot ping inside i/f from pix iteslf & cannot tftp from se

Peter,

I have not worked with 525 models but why do you need to be in monitor mode to upgrade code. You can upgrade the code from PIX normal mode by simply configuring your laptop-tftp server in same subnet as your PIX inside interface use a hub or switch to connect both.

PIX#copy tftp flash:image

pix#copy tftp flash:pdm

the reboot the pix..

now if you are in monitor mode, don't need to specify gateway in laptop tctip settings if both in same network.

e.g

mon>interface 1

mon>address 10.10.10.1 <-for interface1

mon>server 10.10.10.2 <-for labtop-tftp

try pinging laptop form pix and vice versa

then specify code filename

mon>file pixcode.bin

>tftp

is all here

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a5d.shtml#upbootormon

Cisco Employee

Re: Cannot ping inside i/f from pix iteslf & cannot tftp from se

thats By design, you cannot ping from TFTP to a monitor interface, only from pix to tftp

Connect a tftp directly to the pix interface, GIG ethernet are not initialised in ROMmode therefore use a fastethernet Interface to connect to tftp and follow the normal ROM mode procedure

it should work fine !!

New Member

Re: Cannot ping inside i/f from pix iteslf & cannot tftp from se

BEWARE CISCO SECURITY AGENT ON YOUR TFTP SERVER! Fixed now - thanks

217
Views
0
Helpful
3
Replies