PIX520从4.4升级到6.3(5)的过程

1.备份配置
PIX#write net 192.168.1.1:backuppix

2.制作启动软盘

引用内容： C:\pix> rawrite

RaWrite 1.2 - Write disk file to raw floppy diskette


Enter source file name: bh61.bin

Enter destination drive: a:

Please insert a formatted diskette into drive A: and press -ENTER- :

Number of sectors per track for this disk is 18

Writing image to drive A:. Press ^C to abort.

Track: 78 Head: 1 Sector: 16

Done.


*bh61.bin在Cisco网站上下载

3.检查系统配置是否满足6.3(5)要求
引用内容： PIX>show version
PIX Version 4.4(4)

Compiled on Thu 06-Jan-00 16:07 by pixbuild


pix_chongqinga up 3 mins 20 secs


Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 349 MHz

Flash strata @ base 0x300

0: ethernet0: address is 0002.b303.e528, irq 11

1: ethernet1: address is 0090.279b.a0eb, irq 15

2: ethernet2: address is 0002.b303.e3a8, irq 10

3: ethernet3: address is 0090.2751.d6a0, irq 9

Licensed Connections: 1024

Serial Number: 10204454

主要检查内存容量和闪存容量

[开始升级]
1.插入刚才制作好的启动软盘，启动PIX
引用内容： Cisco Secure PIX Firewall BIOS (3.6)

Booting Floppy

.................................. Cisco Secure PIX Firewall floppy loader (3.0) #0: Tue Sep 11 07:34:46 PDT 2001
Reading installation media.............. 128MB RAM
mcwa i82559 Ethernet at irq 11 MAC: 0002.b303.e528
mcwa i82559 Ethernet at irq 15 MAC: 0090.279b.a0eb
mcwa i82559 Ethernet at irq 10 MAC: 0002.b303.e3a8
mcwa i82559 Ethernet at irq 9 MAC: 0090.2751.d6a0
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xfffd8000

-----------------------------------------------------------------------
|| ||
|| ||
|||| ||||
..:||||||:..:||||||:..
c i s c o S y s t e m s
Private Internet eXchange
-----------------------------------------------------------------------
Cisco PIX Boothelper

Cisco PIX Firewall Version 6.1(1)

pixboothelper>

*启动之后提示符为:pixboothelper>

2.配置相应参数

引用内容： pixboothelper> interface 1

current interface is 1

0: i82557 @ PCI(bus:0 dev:13 irq:11) ethernet0 not_init

1: i82557 @ PCI(bus:0 dev:14 irq:15) ethernet1 100full

2: i82557 @ PCI(bus:0 dev:15 irq:10) ethernet2 not_init

3: i82557 @ PCI(bus:0 dev:16 irq: 9) ethernet3 not_init


pixboothelper> address 192.168.1.1 255.255.255.0

address: 192.168.1.1

pixboothelper> server 192.168.1.2

server 192.168.1.2

pixboothelper> ping 192.168.1.2

192.168.1.2 NO response received -- 1000ms

192.168.1.2 NO response received -- 1000ms

192.168.1.2 NO response received -- 1000ms

**Ping不通192.168.1.2是因为主机上设置了防火墙
但是在主机这段可以看到192.168.1.1的arp解析，说明两者能够正常通讯
**前提是主机已经设置正确IP地址，以及网口和PIX的第二口正常连通。

3.升级

引用内容： pixboothelper> tftp

tftp pix635.bin@192.168.1.3

Received 2101248 bytes.

Flash version 4.4(4), Install version 6.3(5)


Installing to flash


Serial Number: 18026694 (0x11310c6)

Activation Key: 2d890a17 f44c5fa6 a963ccf5 996782d8


Do you want to enter a new activation key? [n]


Writing 1978424 bytes image into flash...


Ready to reboot, please remove the disk.


取出软盘，重启

4.重启验证升级是否成功

引用内容： pixfirewall>show version
Cisco PIX Firewall Version 6.3(5)


Compiled on Thu 04-Aug-05 21:40 by morlee


pixfirewall up 32 secs


Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 350 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB


0: ethernet0: address is 0002.b303.e528, irq 11

1: ethernet1: address is 0090.279b.a0eb, irq 15

2: ethernet2: address is 0002.b303.e3a8, irq 10

3: ethernet3: address is 0090.2751.d6a0, irq 9


Licensed connections: 1024


Serial Number: 18026694 (0x11310c6)

Running Activation Key: 0x2d890a17 0xf44c5fa6 0xa963ccf5 0x996782d8

Configuration has not been modified since last system restart.



我们可以看到PIX已经成功升级到6.3(5)这个版本

文章整理：西部数码--专业提供域名注册、虚拟主机服务
http://www.west263.com
以上信息与文章正文是不可分割的一部分,如果您要转载本文章,请保留以上信息，谢谢!