pix 515E 防火墙 IOS及SDM更新日志

今天更新了PIX515E防火墙的IOS和SDM管理软件,其实很简单

首先,得到适合自己防火墙型号的IOS和SDM,这里cisco在3.0版本的PDM后将管理软件升级到了

ASDM5.0,有比较大的提高。

找到以后在本机架好tftp服务器,可以用cisco的,也可以用别的,我用winagents的,感觉比较舒服。

然后进入pix的终端。

pixfirewall# copy tftp flash

Address or name of remote host [0.0.0.0]? 10.0.0.100

Source file name [cdisk]? pix701.bin

copying t

[url]ftp://10.0.0.100/pix701.bin[/url]

to flash:image

[yes|no|again]? yes

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Received 5124096 bytes

Erasing current image

Writing 5066808 bytes of image

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Image installed

pixfirewall#

pixfirewall#

pixfirewall#

pixfirewall#

pixfirewall# reload

Proceed with reload? [confirm]

重启以后IOS就更新为7.0的了~简单吧?注意,重启的过程中pix会重新装载flashfs:

Initializing flashfs...

flashfs[7]: Checking block 0...block number was (2423)

flashfs[7]: erasing block 0...done.

flashfs[7]: Checking block 1...block number was (24879)

flashfs[7]: erasing block 1...done.

flashfs[7]: Checking block 2...block number was (-16063)

flashfs[7]: erasing block 2...done.

flashfs[7]: Checking block 3...block number was (21670)

……………………………………

比较久,耐心等待,而且不要断电,否则,哼哼

完成时pix还会把以前的config最为downgrade-config保存。

接下来更新ASDM软件:

pixfirewall# copy tftp flash

Address or name of remote host []? 10.0.0.100

Source filename []? asdm-501.bin

Destination filename [asdm-501.bin]?

Accessing t

[url]ftp://10.0.0.100/asdm-501.bin[/url]

...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Writing file flash:/asdm-501.bin...

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

5919340 bytes copied in 85.620 secs (69639 bytes/sec)

pixfirewall# dir

Directory of flash:/

4 -rw- 2809 23:32:19 Aug 14 2006 downgrade.cfg

7 -rw- 5103672 23:33:18 Aug 14 2006 image.bin

11 -rw- 5919340 23:36:47 Aug 14 2006 asdm-501.bin

16128000 bytes total (5094400 bytes free)

pixfirewall# reload

Proceed with reload? [confirm]

这样就可以了,不涉及到IOS更新的重启比较快。

马上就好了。

然后用https连接pix,会有一个提示,问你将ASDM下载安装还是直接在java环境里面起。

其实如果经常管理的还是下载安装了好,反正也不大。

到此就完成了,如果还有疑问可以访问cisco网站的:

[url]http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708d8.shtml#t5[/url]

本文转自 beansprouts 51CTO博客,原文链接:http://blog.51cto.com/netwalk/66237,如需转载请自行联系原作者

上一篇:Linux软件路由防火墙ipcop1.4.5总结
下一篇:系统安全之iptables防火墙