Set it up
Download the image file(s) from support.cisco.com You can up/download them to an FTP, SCP, HTTP, or HTTPS server; provided your sensor can access it.Pull it down
Log into the sensor via a terminal console (telnet or ssh). In configuration mode, we need to pull the image file we downloaded off our server. This example uses our FTP server:conf t
upgrade ftp://ftpuser@192.168.1.1/IPS-K9-X.X-X-XX.pkgYou'll be prompted for a password, so put it in
Enter password: ********Enter yes to complete the upgrade.
The device will pull the image off the server, decompress, install, then reboot. Once rebooted log back in via terminal and check the version.
show verAnd that's it! Chloe can go whine to Jack because she can't get in anymore.
Armageddon (Optional!)
IPS modules are usually in-line, meaning they're the cream filling in our Oreo network. If they go down, everything goes down. So you've unleashed the fires of hell upon earth!Alright, there's a couple things you can do to prevent this from going four-horsemen bad.
1. Make sure to have someone on site, next to the rack, rearing to go
2. Have a cabling contingency; so you can bypass the failed IPS
3. Have another IPS to swap in!
Even with all that, you'll need to get it back to a clean-working state. For this we'll need ROMMON (woo!)
Gather
ROMMON is the boot-loader of an Cisco device, much like on an Android phone. It allows you to manage system files without booting into the OS. Download the IPS system image file to the tftp root directory of a TFTP server that is accessible from your IPS. Make sure you can access the TFTP server location from the network connected to the Ethernet port of your IPS.Press Break or Esc at the following prompt while the system is booting to interrupt boot. Press the spacebar to begin boot immediately.
You have ten seconds to press Break or Esc.
Use BREAK or ESC to interrupt boot.The system enters ROMMON mode. The rommon> prompt appears.
Use SPACE to begin boot immediately.
Check the current network settings.
rommon> set
ROMMON Variable Settings:The variables have the following definitions:
ADDRESS=0.0.0.0
SERVER=0.0.0.0
GATEWAY=0.0.0.0
PORT=Management0/0
VLAN=untagged
IMAGE=
CONFIG=
Address: Local IP address of IPS
Server: TFTP server IP address where the application image is stored
Gateway: Gateway IP address used by IPS
Port: Ethernet interface used for IPS management
VLAN: VLAN ID number (leave as untagged)
Image: System image file/path name Config—Unused by these platforms
Not all values are required to establish network connectivity. The address, server, gateway, and image values are required.
The default interface used for TFTP downloads is Management0/0, which corresponds to the MGMT interface of IPS.
Verify that you have access to the TFTP server by pinging it from your local Ethernet port with one of the following commands.
rommon> ping 192.168.1.1Define the path and filename on the TFTP file server from which you are downloading the image.
rommon> IMAGE=path/file_nameCaution Make sure that you enter the IMAGE command in all uppercase. You can enter the other ROMMON commands in either lower case or upper case, but the IMAGE command specifically must be all uppercase.
UNIX Example
rommon> IMAGE=/system_images/IPS 4240-K9-sys-1.1-a-7.0-4-E4.imgThe path is relative to the default tftpboot directory of the UNIX TFTP server. Images located in the default tftpboot directory do not have any directory names or slashes in the IMAGE specification.
Windows Example
rommon> IMAGE=\system_images\IPS 4240-K9-sys-1.1-a-7.0-4-E4.imgEnter set and press Enter to verify the network settings.
You can use the sync command to store these settings in NVRAM so they are maintained across boots. Otherwise, you must enter this information each time you want to boot an image from ROMMON.
Deploy
Download and install the system image.rommon> tftpTo avoid corrupting the system image, do not remove power from the IPS while the system image is being installed.
If the network settings are correct, the system downloads and boots the specified image on the IPS. Be sure to use the correct IPS image. And now we're back to square-one, BUT without the fire and brimstone. :)
No comments:
Post a Comment