1.备份配置
PIX#write net 192.168.1.1:backuppix
2.制作启动软盘
引用内容:
C:\pix> rawrite
RaWrite 1.2 - Write disk&nb
sp;file to raw floppy diskette
Enter source file name: bh61.bin
Enter destination drive: a:
Please insert a formatted diskette into drive A: and press -ENTER- :
Number of sectors per track for this disk is 18
Writing image to drive A:. Press ^C to abort.
Track: 78 Head: 1 Sector: 16
Done.
*bh61.bin在Cisco网站上下载
3.检查系统配置是否满足6.3(5)要求
引用内容:
PIX>show version
PIX Version 4.4(4)
Compiled on Thu 06-Jan-00 16:07 by pixbuild
pix_chongqinga up 3 mins 20 secs
Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 349 MHz
Flash strata @ base 0x300
0: ethernet0: address is 0002.b303.e528, irq 11
1: ethernet1: address is 0090.279b.a0eb, irq 15
2: ethernet2: address is 0002.b303.e3a8, irq 10
3: ethernet3: address is 0090.2751.d6a0, irq 9
Licensed Connections: 1024
Serial Number: 10204454
主要检查内存容量和闪存容量
[开始升级]1.插入刚才制作好的启动软盘,启动PIX
引用内容:
Cisco Secure PIX Firewall BIOS (3.6)
Booting Floppy
.................................. Cisco Secure PIX Firewall floppy loader (3.0) #0: Tue Sep 11 07:34:46 PDT 2001
Reading installation media.............. 128MB RAM
mcwa i82559 Ethernet at irq 11 MAC: 0002.b303.e528
mcwa i82559 Ethernet at irq 15 MAC: 0090.279b.a0eb
mcwa i82559 Ethernet at irq 10 MAC: 0002.b303.e3a8
mcwa i82559 Ethernet at irq 9 MAC: 0090.2751.d6a0
Flash=i28F640J5 @ 0x300
BIOS Flash=AT29C257 @ 0xfffd8000
-----------------------------------------------------------------------
|| ||
|| ||
|||| ||||
..:||||||:..:||||||:..
c i s c o S y s t e m s
Private Internet eXchange
-----------------------------------------------------------------------
Cisco PIX Boothelper
Cisco PIX Firewall Version 6.1(1)
pixboothelper>
*启动之后提示符为:pixboothelper>
2.配置相应参数
引用内容:
pixboothelper> interface 1
current interface is 1
0: i82557 @ PCI(bus:0 dev:13 irq:11) ethernet0 not_init
1: i82557 @ PCI(bus:0 dev:14 irq:15) ethernet1 100full
2: i82557 @ PCI(bus:0 dev:15 irq:10) ethernet2 not_init
3: i82557 @ PCI(bus:0 dev:16 irq: 9) ethernet3 not_init
pixboothelper> address 192.168.1.1 255.255.255.0
address: 192.168.1.1
pixboothelper> server 192.168.1.2
server 192.168.1.2
pixboothelper> ping 192.168.1.2
192.168.1.2 NO response received -- 1000ms
192.168.1.2 NO response received -- 1000ms
192.168.1.2 NO response received -- 1000ms
**Ping不通192.168.1.2是因为主机上设置了防火墙
但是在主机这段可以看到192.168.1.1的arp解析,说明两者能够正常通讯
**前提是主机已经设置正确IP地址,以及网口和PIX的第二口正常连通。
3.升级
引用内容:
pixboothelper> tftp
tftp pix635.bin@192.168.1.3
Received 2101248 bytes.
Flash version 4.4(4), Install version 6.3(5)
Installing to flash
Serial Number: 18026694 (0x11310c6)
Activation Key: 2d890a17 f44c5fa6 a963ccf5 996782d8
Do you want to enter a new activation key? [n]
Writing 1978424 bytes image into flash...
Ready to reboot, please remove the disk.
取出软盘,重启
4.重启验证升级是否成功
引用内容:
pixfirewall>show version
Cisco PIX Firewall Version 6.3(5)
Compiled on Thu 04-Aug-05 21:40 by morlee
pixfirewall up 32 secs
Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 350 MHz
Flash i28F640J5 @ 0x300, 16MB
BIOS Flash AT29C257 @ 0xfffd8000, 32KB
0: ethernet0: address is 0002.b303.e528, irq 11
1: ethernet1: address is 0090.279b.a0eb, irq 15
2: ethernet2: address is 0002.b303.e3a8, irq 10
3: ethernet3: address is 0090.2751.d6a0, irq 9
Licensed connections: 1024
Serial Number: 18026694 (0x11310c6)
Running Activation Key: 0x2d890a17 0xf44c5fa6 0xa963ccf5 0x996782d8
Configuration has not been modified since last system restart.
我们可以看到PIX已经成功升级到6.3(5)这个版本
