PIX upgrade from 6.3(5) to 7.2(2)

kmkrause2
Level 1

I have a pair of 515e devices configured in failover. The system has been working fine, however I tried to upgrade from 6.3(5) to 7.2(2) using Monitor mode, as I have PDM installed.

The problem is that whenever I enter monitor mode and apply an IP address to the inside interface, I have problems keeping a reliable connection to the TFTP server.

From Monitor mode I enter the following commands:

Interface 1

Address 192.168.10.10

Server 192.168.10.137

At this point, I try to ping the TFTP server at 192.168.10.137 and my results are varied. Return success rate is typically 20-60%. On a rare attempt I can get 100%.

Since this is a failover configuration, I don't want to enter the IP address for this interface that it would normally use while in service, as this IP is now running on the standby PIX. Normally, I would think that there were some network issues happening, however the same network cable, switch port and switch port settings are in use during the upgrade attempt as are in use during production. Is there something different going on with the network connection in monitor mode vs normal mode? During the upgrade attempt, I noticed that the switch port this interface connects to starts getting Receive Drop errors that don't occur while the device is in production.

TIA,

Ken

15 Replies

bthibode
Level 1

Hi Ken. You shouldn't be upgrading from ROMMON if you have a 515E, only if you have a PIX 515. These models are completely different. I've upgraded several 515e's using the basic upgrade procedure. Here's a link that talks about the difference:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_70/pix_upgd/pixupgrd.htm#wp1960708

Please rate if this helps.

hello bthibode,

I have sort of a similar case, except a bit different in that one of my junior network administrators upgraded our 515E to version 7.0(2) from 6.3(5), not knowing that it had 32MB and version 7 and above requires 64MB. Now whenever I try to downgrade it to version 6.3(5) from ROMMON, right after the final stage of downloading the image from the TFTP server it fails and keeps rebooting with a message something like

"insuffient memory"

Now, is there any other way of fixing the problem and restoring it back to the old image?

I've got this same issue in my lab right now. The standard answer is RMA the PIX. I've tried quite a few different things and still cannot recover my PIX. Maybe someone else will be able to help you with this specific question. Please rate if my last post helped.

Thanks

hello Bryan,

So I guess the only solution I am left with is to put in an additional 32MB, boot it, and use the downgrade command :(

I wish there could be some other less expensive and straightforward solution.

Hey zulqurnain,

I did the same thing also. All you need to do is get a spare 32MB to upgrade the memory to 64MB for the Pix 7.0(2) to boot. From there you can just run the downgrade. You can then remove the 32MB and your pix would boot fine.

Thanks, I had never noticed the distinction between the 515 and 515e in the documentation before. What you posted in the link was the doc that I had used when planning the upgrade. I'll give this a try tomorrow morning and see what happens. Thanks to all for the response.

Ken

Thanks! Upgrading in normal mode with a failover configuration was much less confusing and the tftp issue was gone as well.

FYI, for all those who may be having a problem with VPN and NAT translation (packets in being decrypted but then dropped instead of being passed through to the internal host), upgrading from 6.35 to 7.22 resolved the issue.

hi!

we're also planning to upgrade a pix v6.3.

Did you have to upgrade from 6.3 to 7.0 first?

then from 7.0 to 7.1? and then 7.1 to 7.2?

I'm reading the Release notes for 7.2 and it seems there's no direct upgrade path from 7.0 to 7.2

I'm using this link as a guide.

1. Guide for Cisco PIX 6.2 and 6.3 Users Upgrading to Cisco PIX Software Version 7.0.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_70/pix_upgd/pixupgrd.pdf

2. Release notes for 7.2 http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_72/rel_note/pixrn72.pdf

You have to upgrade from 6.3 to 7.0. After that you can hop around in 7.x til your heart's content :-)

Thanks! very reassuring!

That is not correct. I upgraded from 6.3(5) directly to 7.2(2). Previously, on another PIX, I upgraded from 6.2(2) straight to 7.2(2), all with no version issues.

Ken

Ken,

I'm glad you've done this once. I do this at least 3 times a week on the TAC. Best practice is to upgrade to 7.0 from 6.3. If you had success using an unsupported method of upgrading, I'm happy for you. Please be aware that this is unsupported so if you would have run into any issues, you might have been on your own. Please don't contradict best practice documents. They are there for a reason.

Thanks,

Bryan

Got the upgrade done. Migration of the commands was seamless. I had to remove some commands before the upgrade (e.g. pptp, vpdn, etc.). No problem rebooting. Even the VPN Xauth was automatically disabled (this was said to have been enabled by default).

The upgrade was almost seamless until we ran into a problem with the mail system. We were able to send but were unable to receive. I thought it was due to the esmtp, but could not get it running. We got the TAC involved and the tech told us it was due to the new MSS (Max Segment Size) feature.

He set up the service policy to allow packets that exceed the MSS.

bing
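
For readers hitting the same symptom, the kind of service policy described in the post above looks like the following on PIX 7.x. This is an added example, not the configuration the TAC engineer applied and not part of the original thread; the object names, the interface name `outside` and the address 192.0.2.25 are hypothetical placeholders.

```text
! Added example; all names and the address below are placeholders.
! Match only SMTP traffic to the mail server (use the address as it is
! seen on the interface where the policy is applied), so the relaxed
! TCP normalization does not apply to every flow through the firewall.
access-list mail-mss extended permit tcp any host 192.0.2.25 eq smtp
!
class-map mail-mss-class
 match access-list mail-mss
!
! By default 7.x drops segments larger than the MSS the peer advertised
! in the handshake; this tcp-map allows them instead.
tcp-map mail-mss-map
 exceed-mss allow
!
policy-map mail-mss-policy
 class mail-mss-class
  set connection advanced-options mail-mss-map
!
! Only one policy can be attached per interface; if one already exists
! there, add the class to that policy-map instead.
service-policy mail-mss-policy interface outside
```

Scoping the class to the affected server and port keeps the MSS check in force for all other traffic.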

bthibode

I am about to upgrade a 515E with PDM from 6.3 to 7 and can't see any other info that I have to do it via monitor mode and not basic. Am I missing something here? The link you provided says nothing about 515E and basic, as far as I have a reading problem...

Can you explain?

/Fred
