Introduction
I bought a Cisco IPS 4240 at a very good price from Ebay, Cisco IPS arrived my home last night, I was excited and looking forward to use this appliance immediately. To my disappointment, Cisco IPS persistently boot into ROMMON.
I re-image the appliance, and saw the installation was successful, i was hopeful that the appliance can eventually boot into the sensor application, again it boot into ROMMON.
Re-image the IPS
Re-image refers to installing the IPS sensor application using the Cisco IPS 4240 img file. The file with img file format means system image, the file with pkg format is a service pack for user to upgrade the version of their IPS sensor application, the pkg can only be performed in IPS sensor application using the upgrade command.
In ROMMON you will have to use tftp file transfer to install the img file.
To check the network setting in rommon, type set command:
rommon #1> set ROMMON Variable Settings: ADDRESS=10.0.0.1 SERVER=10.0.0.2 GATEWAY=0.0.0.0 PORT=Management0/0 VLAN=untagged IMAGE=IPS-4240-K9-sys-1.1-a-7.0-8-E4.img CONFIG= LINKTIMEOUT=20 PKTTIMEOUT=4 RETRY=20 rommon #2>
The default interface for file transfer for IPS4240 is management0/0. However you can choose the port you want to use by using interface gigabit0/0 command.
rommon #2> interface gigabit0/0 GigabitEthernet0/0 Link is DOWN MAC Address: 000f.f775.8e74 rommon #3> set ROMMON Variable Settings: ADDRESS=10.0.0.1 SERVER=10.0.0.2 GATEWAY=0.0.0.0 PORT=GigabitEthernet0/0 VLAN=untagged IMAGE=IPS-4240-K9-sys-1.1-a-7.0-8-E4.img CONFIG= LINKTIMEOUT=20 PKTTIMEOUT=4 RETRY=20 rommon #4>
Alternatively you can use PORT=management0/0 the variable name PORT must be capitalized otherwise you will receive this error Invalid or incorrect command. Use 'help' for help. All variables that you see from the set output must be capitalized.
Next configure your appliance local IP address and your TFTP server IP address. Lastly set your image name which you want to download from your TFTP server.
rommon #5> address 10.0.0.1 rommon #6> server 10.0.0.2 rommon #7> IMAGE=IPS-4240-K9-sys-1.1-a-7.0-8-E4.img rommon #8> sync Updating NVRAM Parameters... rommon #9>
Use the sync command to save your settings to NVRAM. After you have saved your settings, you can start to download from your TFTP server by using tftp command.
Confreg
The reason why the appliance relentlessly boot into ROMMON is because of config register. The config register of my purchased appliance is at 0x00002140.
rommon #0> confreg Current Configuration Register: 0x00002140 Configuration Summary: boot ROMMON ignore system configuration load ROMMON if netboot fails
The use of confreg command without specifying the register address will bring you to a wizard.
rommon #0> confreg Current Configuration Register: 0x00002140 Configuration Summary: boot ROMMON ignore system configuration load ROMMON if netboot fails Do you wish to change this configuration? y/n [n]: y enable boot to ROMMON prompt? y/n [n]: y select specific Flash image index? y/n [n]: disable system configuration? y/n [n]: go to ROMMON prompt if netboot fails? y/n [n]: enable passing NVRAM file specs in auto-boot mode? y/n [n]: disable display of BREAK or ESC key prompt during auto-boot? y/n [n]: y Current Configuration Register: 0x00010000 Configuration Summary: boot ROMMON display of BREAK or ESC key prompt during auto-boot disabled Update Config Register (0x10000) in NVRAM... rommon #1>
The solution to this problem? Use confreg 0x7
rommon #9> confreg 0x7 Update Config Register (0x7) in NVRAM... rommon #10> confreg Current Configuration Register: 0x00000007 Configuration Summary: boot image index-3 from Flash Do you wish to change this configuration? y/n [n]: rommon #11>
Or confreg 0x1
rommon #11> confreg 0x1 Update Config Register (0x1) in NVRAM... rommon #12> confreg Current Configuration Register: 0x00000001 Configuration Summary: boot default image from Flash Do you wish to change this configuration? y/n [n]: rommon #13>
I should use 0x1, however 0x7 also brings me to the sensor login, and I begin to configure the startup wizard 🙂
cyruslab 