The show version command allows the
administrator to display the software version, operating time since the last
reboot, processor type, Flash partition type, interface boards, serial number,
or BIOS ID, activation key value, license type, such as R or UR, and time stamp
for when the configuration was last modified
. The serial
number listed with the show version command is for the
Flash partition BIOS. This number is different from the serial number on the
chassis. When a software upgrade is obtained, the serial number that appears in
the show version command will be needed, not the chassis
number.
The copy tftp flash command enables the
administrator to change software images without accessing the TFTP monitor
mode. This command can be used to download a software image via TFTP with any
PIX Security Appliance model running version 5.1 or later. The image that is
downloaded is made available to the PIX on the next reload.
Be sure to
configure the TFTP server to point to the image to be downloaded. For example,
to download the pix611.bin file from the D: partition on a
Windows system whose IP address is 10.0.0.3, access the Cisco TFTP Server
View > Options menu and enter the filename path such as,
D:\pix_images, where the image is located. Then, to copy the file to the PIX
Security Appliance, use the following command: copy
tftp://10.0.0.3/pix700.bin flash
.
The TFTP server receives the command and determines the actual file location
from its root directory information. The server then downloads the TFTP image
to the PIX.
 |
NOTE:
The TFTP server must be running when the copy tftp
command is entered on the PIX Security Appliance.
|
Entering a New Activation Key
The license for the PIX
Security Appliance can be upgraded using the CLI
. Before entering
the activation key, ensure that the image in Flash and the running image are
the same. This can be done by rebooting the PIX before entering the new
activation key. The PIX will also need to be rebooted after the new activation
key is entered for the change to take effect.
Enter the activation-key-four-tuple as a four-element
hexadecimal string with one space between each element, or
activation-key-five-tuple as a five-element hexidecimal
string with one space between each element as follows:
0xe02888da 0x4ba7bed6 0xf1c123ae
0xffd8624e
The leading 0x specifier is optional. All values are
assumed to be hexadecimal. The key is not stored in the configuration file. The
key is tied to the serial number.
Use the
activation-key command to enter an activation key. In this
command, replace activation-key-four-tuple with the
activation key obtained with the new license as follows:
activation-key 0x12345678 0xabcdef01 0x2345678ab
0xcdef01234
After the activation key is entered, the
system will display an indication that the activation key has been successfully
changed.
Reload the PIX Security Appliance to activate the Flash
activation key.
Upgrading the Image and the Activation Key
If
the image is being upgraded to a newer version and the activation key is also
being changed, reboot the system twice, as shown in Figure
. After the key
update is complete, the system is reloaded a second time, so the updated
licensing scheme can take effect.
If an image is being downgraded, The
PIX Security Appliance will only need to be rebooted once, after installing the
new image. In this situation, the old key is both verified and changed with the
current image.
To view the current activation key, enter the
show activation-key command. Figure
shows error
messages that may be returned in the output from this command, along with steps
that can be taken to resolve the errors.