Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Upgrade IOS 6.1(1) to 6.2 & LAN Access

Status
Not open for further replies.
quell

quell

IS-IT--Management
Nov 8, 2002
363
0
0
US
I have a PIX 515 and I would like to upgrade the IOS and install the PDM. If I upgrade the IOS from 6.1(1) to 6.2(2) will it save the current settings into the new IOS? I have looked all over cisco but cant find the answer anywere.

Plus do I need some sort of TFTP server software to do this?

Also I can connect my Cisco VPN client ver 3.5.2 to the PIX (puts a little gold lock in lower right hand corner)but I cannot browse the network. I've tried checking the allow local LAN access box and tried unchecking it with the same results. Do I need a special access-list to do this or do something the the w2k servers? Can anyone help Thank you
 
Sort by date Sort by votes
Hello there,

A software upgrade will keep your current configuration.
If you upgrade to 6.2.X you will also need to upgrade the PDM to the latest version. For the software upgrade process you will need a tftp server and upgrade using the command "copy tftp flash" or from monitor mode. Hope this helps!
 
Upvote 0 Downvote
Make sure you do a write memory before flashing the image. Any changes made to the running configuration will be saved to flash memory.

When you flash the image, you will need to reboot/restart the pix which looses the running configuration.
 
Upvote 0 Downvote

Also, I would use the TFTP server and a &quot;wr net <tftp-ip>:filename&quot; to save a binary of the config. Copy and paste &quot;wr t&quot; to notepad and save to a text file should also be done.

As far as the VPN, there is a wizard on PDM that is pretty cool and will configure it properly.

Remember that you cannot VPN from the same subnet you will be connecting to. To test VPN, you will have to be on a machine that can connect to the outside interface, but it is on a different subnet of the inside interface.

I had some home users with clients that could not VPN to their main sites because the DHCP server of their home DSL routers were leasing an IP of the same subnet that was used in their firms.

Also, if the PIX does not support reverse access. Meaning that once you VPN, you have only access to ALL the networks connected to your inside network, BUT the one you are using to VPN in, the outside subnet.

Again, I've customers that could not access the internet while VPNed, because the PIX was the gateway configured in the firm for internet access. If the firm's lan has a proxy server, it may work, never tried.

Good luck
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
140
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
140
Johnkite
Johnkite
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
169
Shmid
Shmid
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
49
gbayi_omo
gbayi_omo
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
116
nnaarrnn
nnaarrnn

Part and Inventory Search

Sponsor

Back
Top