hit counter script

Understanding Rommon; Supported Tftp Servers; Connecting An Appliance To A Terminal Server - Cisco IPS-4255-K9 - Intrusion Protection Sys 4255 Installation Manual

Intrusion prevention system appliance and module installation guide for ips 7.0
Table of Contents

Advertisement

Installing System Images

Understanding ROMMON

Some Cisco sensors include a preboot CLI called ROMMON, which lets you boot images on sensors
where the image on the primary device is missing, corrupt, or otherwise unable to boot the normal
application. ROMMON is particularly useful for recovering remote sensors as long as the serial console
port is available.
Access to ROMMON is available only through the serial console port, a Cisco-standard asynchronous
RS-232C DTE available in an RJ-45F connector on the sensor chassis. The serial port is configured for
9600 baud, 8 data bits, 1 stop bit, no parity, and no flow control.
For More Information
For the procedure for using a terminal server, see
page

Supported TFTP Servers

ROMMON uses TFTP to download an image and launch it. TFTP does not address network issues such
as latency or error recovery. It does implement a limited packet integrity check so that packets arriving
in sequence with the correct integrity value have an extremely low probability of error. But TFTP does
not offer pipelining so the total transfer time is equal to the number of packets to be transferred times
the network average RTT. Because of this limitation, we recommend that the TFTP server be located on
the same LAN segment as the sensor. Any network with an RTT less than a 100 milliseconds should
provide reliable delivery of the image.
Some TFTP servers limit the maximum file size that can be transferred to ~32 MB. Therefore, we
recommend the following TFTP servers:

Connecting an Appliance to a Terminal Server

A terminal server is a router with multiple, low speed, asynchronous ports that are connected to other
serial devices. You can use terminal servers to remotely manage network equipment, including
appliances.
To set up a Cisco terminal server with RJ-45 or hydra cable assembly connections, follow these steps:
Connect to a terminal server using one of the following methods:
Step 1
Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0
12-14
12-14.
For Windows:
Tftpd32 version 2.0, available at:
http://tftpd32.jounin.net/
For UNIX:
Tftp-hpa series, available at:
http://www.kernel.org/pub/software/network/tftp/
For terminal servers with RJ-45 connections, connect a 180 rollover cable from the console port on
the appliance to a port on the terminal server.
For hydra cable assemblies, connect a straight-through patch cable from the console port on the
appliance to a port on the terminal server.
Chapter 12
Upgrading, Downgrading, and Installing System Images
Connecting an Appliance to a Terminal Server,
OL-18504-01

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents