Today I wanted to upgrade my PIX 515E to the most recent version available for the hardware.  I have been running PIX IOS version 7.2(3) and ASDM version 5.2(3).  Visiting Cisco’s website I found I could download version 8.0(4)28 for the IOS and 6.1(5)51 would be needed as my 5.2(3) version would no longer work once I upgraded the PIX.

The upgrade process is easy using either the CLI or ASDM.  I was unable to copy the image.bin file that was already located in the flash of the PIX, and from what I found on the Internet it looks as if the PIX does not allow you to copy the file as it is always in use.  I didn’t look into it much further so I can’t say for sure if that is the case, however I was able to just upload the new image and overwrite the old image.bin file located in the flash.  After the upload is finished from the TFTP server all that is required is to reload the PIX and it will come up with the new image file.

To start off we choose Tools / Upgrade Software.  You then have the option of choosing the image you are uploading, PIX or ASA, the location of the file and the path of where you are going to write the file to on the PIX.  Once all is done, click on Upload Image.

pixupgrade001

 

 

 

 

 

It will take a few moments to upload the image to Flash, at which time it will tell you if the upload was successful or not.  When it is finished, just reload the PIX to have it come up with the newly installed IOS image.

pixupgrade002

 

 

 

 

 

A show flash verified that the image was indeed in place.

pixupgrade003

 

 

My PIX only has 16MB of flash, so I needed to erase the old ASDM image before I could upload the new image file.  As ASDM no longer worked with the new image, the remaining of these steps need to be done in the CLI.

First I needed to make a slight change to the config file:

Firewall#conf t

Firewall(config)#no asdm image flash:/asdm-523.bin

Firewall(config)#wr

Next I needed to delete the old image from flash:

Firewall#delete flash:/asdm-523.bin

The firewall will ask you to confirm you wish to delete the file before it actually does.

The next step is to upload the new ASDM image file to flash via TFTP

Firewall#copy tftp:/asdm-61551.bin flash:/asdm-61551.bin

pixupgrade004

 

 

 

 

 

 

 

Once the image has been copied over we just need to tell ASDM which image to use once again.

Firewall#conf t

Firewall(config)#asdm image flash:/asdm-61551.bin

Firewall(config)#wr

At this point I launched my ASDM software on my PC and it detected the version on the Firewall was newer than what was installed on the PC and asked if I would like to upgrade.

I said yes, and the following screen launches.  Just click next to continue.

pixupgrade005

 

 

 

 

 

 

Click on Install to begin the upgrade.

pixupgrade006

 

 

 

 

 

 

The needed files will be copied onto your system, and then it will tell you if it succeeded or not.

pixupgrade007

 

 

 

 

 

 

Once the upgrade is finished, just launch ASDM and log onto the firewall.

pixupgrade008

 

 

 

 

 

 

Once you log on successfully the ASDM main screen comes online.  I like it much better than the 5.2 version of ASDM.

pixupgrade009

 

 

 

 

 

In all the process was very easy and there was only about a minute of down time while the firewall reloaded.  As always if you have any comments or questions, feel free to contact me at ivan.windon@l3pdu.com

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

six + one =