I recently upgraded our PIX515 firewall from Version 7.2.2 to 7.2.4 and I wanted to verify the MD5 hash for the downloaded IOS. However the hash generated on the PIX using the verify command does not match the hash published on the cisco download website. Published hash is f2f6b88ea1b4a0b33045b3b18d0fb852, generated hash is fdcd.... . I checked the 7.2.2 MD5 on a firewall I haven't upgraded yet and that doesn't match either. Am I missing something ?
The size reported on the device is 8589312 and the file is listed as pix724-30.bin rather than image.bin (as previously when 7.2.2 was loaded - this was upgrade from version 6). I loaded it using putty pscp. On reload the firewall comes up with the new IOS and appears to work OK. Hmmmmmm???
Many thanks for your help, I just realised the same - the IOS was upgraded on the back of a security vulnerability (http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml) which recommended 7.2.4(30) and contained a link to a place to download it from. This version doesn't appear to be available via the cisco.com - support - security - download IOS etc route.
Our patch documentation was put together, mistakenly, using the the checksum taken from the cisco.com support page for version 7.2.4
I just found the interim release page ... and I noticed the caveat on interim releases
"Important: These images were not fully regression tested. Each individual fix was unit tested, and the image has had a limited amount of automated regression testing to confirm a baseline of functionality. Keep this testing status in mind if you decide to run them in a production environment. We strongly encourage you to upgrade to a fully tested Maintenance or Feature release when it becomes available."
We plan to run this in a production environment. Couple of questions, would you recommend this and do you know when a fully tested Maintenance or Feature releasewill be made available.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :