Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Upgrading FWSM

I have two 6509 with two FWSM in failover active/standby. After breaking the failover ( no failover on active side) the standby unit goes to pseudo failover.

Now I want to upgrade the failover unit( not the maintenance partition but the IOS )  and I do not know how to assign an IP address to the fwsm.

I can not place nameif.... or ip address......

Can anybody tell me how to assign an IP address to the FWSM in pseudo failover status?

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions

Re: Upgrading FWSM

Hi,

can you tell me what is the current IOS is running in your FWSM.because it depends on the current IOS version

If you are running 3.x then the upgradation method is different than 4.x

regards

karuppu

Re: Upgrading FWSM

Hi,

Create one new L2 vlan in 6500 Switch, then assign the new vlan into the FWSM module.


Now this new L2 vlan will be assigned to FWSM module, then assign primary IP address and standby IP address as well.

Make the necessary routing for this new IP segment.

Now try ping this both primary IP address and secondary IP address and use this new IP address to upload the new image

regards

Karuppu

11 REPLIES
Cisco Employee

Re: Upgrading FWSM

Now sure why you disabled failover.

Here is the link: http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/configuration/guide/swcnfg_f.html#wp1064044

If you are doing a major upgrade I would get the code on both units and

1. reload the secondary standby

2. issue fail active on the secondary

3. then reload the primary (now standby)

4. then fail back to the primary - optional

or just reload them both like 30 seconds apart.

-KS

Community Member

Re: Upgrading FWSM

Hi,

but that is my problem how to get the code on both maschines?? And I am trieying to install a major upgrade!

Regards

Re: Upgrading FWSM

Hi,

You have to download the FWSM IOS from cicso portal.

Since you are running active/standby failover , find the article that upgrading ios form 3.x to 4.x.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/swcnfg_f.html#wp1057450

regards

Karuppu

Community Member

Re: Upgrading FWSM

Hi Karuppu,

thank you for answering, I already downloaded the image. I read the links also an I saw how to assign an IP adress, but if i try to execute e.g

FWSM(config)# int vlan666  =>> try to create a new vlan
FWSM(config-if)# ip add
FWSM(config-if)# ip add? =>>  but not able to assign IP address
ERROR: % Unrecognized command

I can not assign an IP address to the fwsm?

Can you pl advise?

regards

Re: Upgrading FWSM

Hi,

Since you are using active/standby failover,there will be two IPs.One IP will be assigned to Primary FWSM and other is Secondary FWSM and you should be able to ping both IP address as well.

So, no need to create any new VLAN. Use the existing IP address to upload your IOS into FWSM and then follow the steps to reboot with zero downtime.

regards

Karuppu

Community Member

Re: Upgrading FWSM

Hi Karuppu,

I see what you mean but this is a net with only two hosts ( 255.255.255.252 ) so not possible to use for upload. that's why i try to assign a new vlan.

regards

Re: Upgrading FWSM

Hi,

Create one new L2 vlan in 6500 Switch, then assign the new vlan into the FWSM module.


Now this new L2 vlan will be assigned to FWSM module, then assign primary IP address and standby IP address as well.

Make the necessary routing for this new IP segment.

Now try ping this both primary IP address and secondary IP address and use this new IP address to upload the new image

regards

Karuppu

Community Member

Re: Upgrading FWSM

Hi,

it works, many thanks and regards!

Re: Upgrading FWSM

Hi,

Always welcome Man...

I am happy to help my cisco support form friends.

Regards

Karuppu

Re: Upgrading FWSM

Hi,

can you tell me what is the current IOS is running in your FWSM.because it depends on the current IOS version

If you are running 3.x then the upgradation method is different than 4.x

regards

karuppu

Community Member

Re: Upgrading FWSM

Hi,

running 3.x and trying upgrade to 4.x

regards

1844
Views
0
Helpful
11
Replies
CreatePlease to create content