A lot of Cisco techs are in the same position: you only have remote access to a router but need to perform an IOS upgrade. This might be to squash a bug or simply because Cisco TAC will not proceed with a TAC case until you do so.

How do you verify that the IOS image has not been corrupted between cisco.com and your device? Read on to find out!

All of the IOS downloads have an MD5 sum that identifies the original, unaltered file. MD5 hashing is basically a way of taking an input, in this case the IOS image, running it through a hashing algorithm and coming up with a string value. The important thing to note here is that no matter who runs the IOS image through the hashing algorithm, the output will always be the same. If even a slight change has been made to the file, the output will be different.

So, once your IOS is on the router you need to do the following:

router#verify /md5 disk0:c1700-advsecurityk9-mz.123-14.T7.bin

At this point the router will respond with the hash value of the file you have uploaded, which can now be compared to the hash value from cisco.com. If these values do not match, DO NOT RELOAD THE ROUTER!!! If you do, the chances are you will end up with a paperweight until you can get out to site.
You should re-upload the IOS to ensure that it is correct and perform the above again. If you get a mismatch again, then the chances are the IOS on your TFTP server is corrupt and you will need to re-download from Cisco.com.
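The check above can be scripted on the workstation you manage the router from. This is an added example, not part of the original post: it hashes the copy on the TFTP server, pulls the hash out of pasted `verify /md5` output, and tells you whether to reload, re-upload or re-download. The result-line format `verify /md5 (<file>) = <hash>` is an assumption about what your IOS release prints, the function names are hypothetical, and the sample hash and session text are constructed.

```python
import hashlib
import re

# Assumed format of the router's result line; the dotted progress lines are ignored.
VERIFY_LINE = re.compile(r"verify /md5 \((?P<path>[^)]+)\)\s*=\s*(?P<md5>[0-9a-fA-F]{32})")

def md5_of_file(path, chunk_size=1 << 20):
    """MD5 of the copy on the TFTP server (the value md5sum would print)."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def router_md5(session_text):
    """Extract the hash from pasted router output; None if no result line."""
    match = VERIFY_LINE.search(session_text)
    return match.group("md5").lower() if match else None

def reload_decision(published, server_hash, session_text):
    """Return (safe_to_reload, advice) following the procedure in this post."""
    published = published.strip().lower()
    on_router = router_md5(session_text)
    if on_router is None:
        return False, "no verify /md5 result found; run the command again"
    if on_router == published:
        return True, "router copy matches cisco.com; safe to reload"
    if server_hash.strip().lower() != published:
        return False, "TFTP server copy is corrupt; re-download from cisco.com"
    return False, "corrupted in transit; re-upload to the router and verify again"

if __name__ == "__main__":
    # Constructed sample: this hash and session text are made up for illustration.
    published = hashlib.md5(b"constructed image bytes").hexdigest()
    session = ("router#verify /md5 disk0:c1700-advsecurityk9-mz.123-14.T7.bin\n"
               ".....Done!\n"
               "verify /md5 (disk0:c1700-advsecurityk9-mz.123-14.T7.bin) = " + published)
    print(reload_decision(published, published, session))
```

In real use, pass the MD5 shown on the cisco.com download page as `published` and `md5_of_file()` of the image on your TFTP server as `server_hash`.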

Hope that helps you avoid those “uh oh” moments when a device doesn't return to service!

Thanks for reading.

4 Responses to “Verify your IOS before reloading that router!”

  1. Simon says:

    nice.

    btw eric from http://www.nettiki.com/ just told me the following..

    “Another thing to look for is that when you use tftp (Trivial File Transfer Protocol) to upgrade your image from a tftp server, you should look for two “OK”s. The 1st OK will indicate that the file transfer completed successfully and the 2nd OK will indicate that the checksum of the file validated correctly.”

  2. Rich says:

    Another very useful tip, thanks :)

  3. Espen Nilsen says:

    If you run your TFTP server on Linux, you can get the md5 hash for the file by using the ‘md5sum’ command on the file to match against cisco.com.

  4. Rich says:

    You can, but that doesn't help you to determine if the file was corrupted in-transit. Taking the original (known good) MD5 from cisco.com and then matching it up by using Verify on the router ensures you are not about to buy yourself a long drive out to the site! :D
