03-31-2012 09:01 PM - edited 02-21-2020 04:35 AM
the following url states the memory requirements for the pix firewall
http://www.cisco.com/en/US/docs/security/pix/pix72/release/notes/pixrn72.html#wp43534
if you are using a PIX 515/515E running PIX Version 6.2/6.3, you need to upgrade your memory before performing an upgrade to PIX Version 7.0. PIX Version 7.0 requires at least 64 MB of RAM for Restricted (R) licenses and 128 MB of RAM for Unrestricted (UR) and Failover (FO) licenses. The following security appliance platforms require at least 64 MB of RAM. Table 1 lists Flash memory requirements for Version 7.2(1).
Security Appliance Model | Flash Memory Required in Version 7.2(1) |
---|---|
PIX 515/515E | 16 MB |
PIX 525 | 16 MB |
PIX 535 | 16 MB |
my question is:: what might occur if i upgrade a pix 515e which is having UR licenses and 64MB RAM from version 6.2 to 7.0.?
thanks.
04-01-2012 08:26 AM
I haven't tried it on a Pix but on an ASA if your memory is insufficient the upgrade willl occur - with error messages generated during boot (and periodically during normal operation).
On a Pix, the upgrade may fail altogether. On an ASA, the appliance may fail to pass traffic under certain use and load conditions. Since those are difficult to characterize in moment-to-moment operations, my assessment is that it would be a veryt risky proposition for any device you are counting on for production use. If you're doing it for a lab or training then no big deal.
04-01-2012 09:44 PM
hi Marvin,
thanks for the reply. as i understand, the UR or R lincense are based on an "activation key", and it has no dependancy on the HW itself. we just did the upgrade and did not face any issue as of now. we are actually planning to go for the 8.x pix version.
what is your idea, based on the licenses activation ?
thanks,
uddika
04-02-2012 01:24 PM
Hi,
If I remember right the PIX only support the very first versions of 8.0 software. And even then its streching its recources.
EDIT:
Version 8.0(2) requires the following:
•The minimum software version required before upgrading to PIX Version 8.0(2) is PIX Version 7.2. If you are running a PIX version earlier than Version 6.2, you must first upgrade to PIX Version 6.2 or PIX Version 6.3 before you can upgrade to PIX Version 7.2.
•To upgrade your PIX software image, go to the following website:
http://www.cisco.com/public/sw-center/index.shtml
•For information on specific licenses supported on each model of the security appliance, go to the following website: http://www.cisco.com/en/US/docs/security/asa/asa80/license/license80.html
•If you are upgrading from a previous PIX version, save your configuration and record your activation key and serial number. For new installation requirements, go to the following website: http://www.cisco.com/public/sw-center/index.shtml
04-02-2012 11:18 PM
is there a chance to downgrade the unrestricted licenses to restricted licenses, and use the pix, since we have a very small firewall security requirement for securing some isolated set of few systems with less traffic flowwing between them.
04-02-2012 11:24 PM
and if we have a better ios, things will be smooth
04-02-2012 11:25 PM
we don't want to use a UR licenses and go with a older IOS. we prefer a restricted license with a newer IOS. any ideas and options ?
04-02-2012 11:26 PM
Either upgrading or changing your license type would require a support contract. The Pix firewall is almost end of life - it hasnt been sold as new for about four years and is no longer eligible for new support contracts.
If you have one that's working on it's current software why worry about upgrading? Just use it as-is. You could also use a much more recent ASA 5505 or such for a requirement like that.
For a simple firewall, the older Pix operating system 7.2 works fine. I have not seen many customers ride the Pix line all the way onto 8.x software.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: