Upgrading FO Pix 515e

vayusa1234
Level 1

Quick silly question. We just purchased an FO Cisco PIX 515E that we want to deploy, and reading the requirements it says the boxes need to be in sync with software version. Our current firewall is running PIX 7.0(5) and the new FO box is running PIX 6.3(5). I have tried the standard upgrade, but the default config does not allow it to talk to anything on the inside interface (stock factory config of 192.168.1.0/24). Is there any way I can upgrade this box to the appropriate software version without physical access to the primary (it is in NJ, and I am in MA)? Any help would be greatly appreciated.

17 Replies

w_basheer
Level 1

Hi;

Did you mean that you can't access the inside interface (192.168.0.1)?

You can configure another interface like e1, assign it the 10.0.0.1/24 IP address and connect your laptop through a crossover cable with 10.0.0.2/24.

Is this what you face?

I mean I can configure int 0 or 1 or whatever to anything I desire, but it will not communicate with my TFTP server no matter which interface I connect and configure for this. I cannot ping any interface, even if I put in the permit-all. I think this could be because these are FO-licensed firewalls, but my question then is how do I flash them to the matching firmware if the URs I am connecting them to are running 7.0(5)?

Fernando_Meza
Level 7

Hi .. are you sure the interfaces are enabled? Please be aware that you need to type in the following in order to get the interfaces enabled.

interface ethernet0 100full

interface ethernet1 100full

Then you can assign an IP address (if it does not have one already).

Then you can connect to the inside interface, which is the one that has security 100, by using a crossover cable. Make sure your laptop also has an IP address in the same range.

Then you can copy the new image by TFTP.

NOTE: If you are still having problems accessing the PIX, you can try creating an access list that allows all IP traffic and apply it to the inside interface.

access-list PERMIT_ALL permit ip any any

access-group PERMIT_ALL in interface inside

I hope it helps ... please rate it if it does!!

Well, I tried what you suggested. I had done the same before, but wanted to give your suggestion a shot since I might have typoed something, and still no love. I cannot ping 192.168.1.2 from int 1 at all. The only way I have been able to flash is via monitor mode, but to finish the process I need to copy the image to the flash before the next reboot or it will get caught in a boot cycle. Below is the config from the box (it is the stock factory config). If anyone could either confirm a process that works or just say that I need to plug it into the primary before I can do this, I would be very appreciative.

interface ethernet0 100full

interface ethernet1 100full

interface ethernet2 auto shutdown

interface ethernet3 auto shutdown

interface ethernet4 auto shutdown

interface ethernet5 auto shutdown

nameif ethernet0 outside security0

nameif ethernet1 inside security100

nameif ethernet2 intf2 security4

nameif ethernet3 intf3 security6

nameif ethernet4 intf4 security8

nameif ethernet5 intf5 security10

enable password xxxx

passwd xxxx

hostname pixfirewall

fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

names

access-list PERMIT_ALL permit ip any any

pager lines 24

mtu outside 1500

mtu inside 1500

mtu intf2 1500

mtu intf3 1500

mtu intf4 1500

mtu intf5 1500

no ip address outside

ip address inside 192.168.1.1 255.255.255.0

no ip address intf2

no ip address intf3

no ip address intf4

no ip address intf5

ip audit info action alarm

no failover

failover timeout 0:00:00

failover poll 15

no failover ip address outside

no failover ip address inside

no failover ip address intf2

no failover ip address intf3

no failover ip address intf4

no failover ip address intf5

pdm logging informational 100

pdm history enable

arp timeout 14400

access-group PERMIT_ALL in interface inside

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout sip-disconnect 0:02:00 sip-invite 0:03:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

http server enable

http 192.168.1.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.254 inside

dhcpd lease 3600

dhcpd ping_timeout 750

dhcpd auto_config outside

dhcpd enable inside

terminal width 80

Cryptochecksum:xxxx

: end

Hi .. by looking at the config, you don't need to connect it to the primary PIX as failover is not enabled. You should be able to connect your laptop to the ethernet1 port and get a dynamic IP address in the 192.168.1.2-254 range. Can you make sure the cable you use to plug in DIRECTLY is a crossover? Also, you might need to hard code the speed and duplex on your laptop to 100 / full. Use a console connection while at the same time you connect by LAN cable to the PIX and see the status of the e1 interface ...

That is what I thought. I plug in my laptop via crossover and can flash via monitor, but cannot get the image copied over via TFTP; the interface does not get a DHCP address or anything. I hard code it and Windows says there is a link, and there are physical link lights on the Cisco and the laptop, and still I get nothing. I am really stumped on this.

Using your console session, do a show int command on the PIX while connected to the e1 int. What is the status? Also, have you checked whether you have a personal firewall enabled on your laptop?

If I do a show int the line shows as up and up. Initially it was administratively down, but assigning the auto brought it up. The firewall has been completely disabled on my machine, and I confirmed I can launch a TFTP client from another machine even.

mm ... so you hardcoded 100 FULL on both sides and it did not work, but when you configured it to auto then the interface came up, right? mm, have you tried using a different laptop or perhaps connecting them by a switch/hub instead? I am just thinking perhaps some incompatibility between the NICs .. a negotiation problem ..

Tried both, neither worked; tried my desktop switch and still got nothing. I am thinking it is going to have to be plugged into a non-FO model 515E for me to do anything, which means downtime and a trip to the datacenter.

satish77
Level 1

Hi. If you have PDM access you can do a remote upgrade via the browser.

Would love to, but cannot access the interface at all via ping, telnet, anything. I know I am just missing something here.

Hi;

Three days ago I faced the same problem.

I actually tried to set another interface like e3,

set a different IP subnet and connected it to the switch,

and successfully could upgrade the image.

I will try that, thanks.... did not think of that option.
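The procedure suggested in Fernando_Meza's post (enable the interface, give it an address, copy the image by TFTP) and in the last reply (use a spare interface on its own subnet instead of the stock inside network), written out as an added example in PIX 6.3 CLI syntax. It is not from any post in this thread and was not run on the poster's unit. The choice of ethernet2/intf2, the 10.0.0.0/24 subnet, the TFTP server at 10.0.0.2 and the image file name pix705.bin are assumptions; substitute the real ones. The cleanup at the end removes the two settings from the posted stock config that should not survive onto a production failover unit: the temporary permit-all ACL on inside and the default SNMP community string "public".

```cisco
: Added example (PIX 6.3 syntax), not from the thread. intf2, 10.0.0.0/24,
: 10.0.0.2 and pix705.bin are assumed values.
:
: 1. Bring up the spare interface: the stock config has it "auto shutdown",
:    so setting a speed/duplex without the shutdown keyword enables it.
interface ethernet2 100full
ip address intf2 10.0.0.1 255.255.255.0
:
: 2. Laptop (or TFTP server) on 10.0.0.2/24, plugged into ethernet2.
:    Verify the link and reachability from the console before copying:
show interface ethernet2
ping intf2 10.0.0.2
:
: 3. Copy the 7.0(5) image into flash. A monitor-mode TFTP boot only loads
:    the image into RAM; without this copy the unit falls back to 6.3(5)
:    (or loops) at the next reload, as the original poster describes.
copy tftp://10.0.0.2/pix705.bin flash:image
:
: 4. Remove the temporary permit-all ACL and the default SNMP community
:    before the unit is paired with the production primary. This is done
:    here in 6.3 syntax because 7.0 changes the command set after reload.
no access-group PERMIT_ALL in interface inside
no access-list PERMIT_ALL
no snmp-server community public
write memory
:
: 5. Reload onto the new image and confirm the version; the 6.3 config is
:    converted to 7.0 syntax on first boot.
reload
show version
```

On a failover-licensed (FO) unit the same commands apply; nothing in the posted config shows failover enabled, so the upgrade can be done stand-alone and the unit paired afterwards once both run 7.0(5).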
