Cisco Systems 78-11180-01 Using TFTP Commands

2-31

Installation Guide for the Cisco Secure PIX Firewall Version 5.2

78-11180-01

Chapter2 Installing a PIX Firewall

Software Installation Notes

Note A diskette software image is not included with the PIX 506, PIX 515, or PIX 525. The

initial image is stored in Flash memory. You can obtain the latest binary image from Cisco

Connection Online (CCO) using a web browser or via FTP, storing the image on a TFTP

server. Once the TFTP server is available on a network accessible to the PIX Firewall and

you specify the IP address of the server from boot mode, the PIX 506, PIX 515, or PIX525

will download the binary image over the network to itself.

Note Do not attempt to use a PIX Firewall diskette from a PIX 520 or earlier model to transfer

the image to the TFTP server. This image will not install correctly. While the ROM

monitor is protected from this boot method, the PIX 506, PIX 515, and PIX 525 will not

boot from the diskette image.

Note Entering a new activation key or recovering a password requires that you access the ROM

monitor, download an image, and then proceed on to the prompts that follow this activity.

(For password recovery, contact Cisco’s Customer Support organization as described in

the section “Obtaining Technical Assistance” in “About This Manual.”)

Note When you enter the ROM monitor, PIX 506, PIX 515, and PIX 525 applications will not

be running; therefore, no traffic will pass in or out of your network while this operation is

being performed.

Using TFTP Commands

The following sections describe TFTP commands:

•Using the copy tftp flash Command

•Using the monitor Command

With the 5.1 or higher software release, you can use the copy tftp flash command from the PIX Firewall

configuration mode. This command allows remote management of a binary image that can be uploaded

without accessing monitor mode. The next section describes the copy tftp flash command.

Use the monitor command with software prior to the 5.1 release. See the “Using the monitor

Command” section for more details.

Once you start the PIX Firewall and go to configuration mode, you can use the copy tftp flash command

to download a software image via TFTP. You can use the copy tftp flash command with any PIX

Firewall model running version 5.1 or later.

The image you download is made available to the PIX Firewall on the next reload (reboot).

The command syntax is as follows:

copy tftp[:[[//location][/pathname]]] flash