Reverting AsyncOS

Before you begin

  • Back up or save any data that you want to preserve to a location off the appliance.

  • You must have a configuration file for the version you want to revert to. Configuration files are not backwards-compatible.

  • Because this command destroys all configuration, it is highly recommended that you have physical local access to the appliance when reverting.

  • If quarantines are enabled on your Email Security appliances, disable centralization so that messages are quarantined locally on those appliances.

Procedure

Step 1

Ensure that you have the configuration file for the version you want to revert to. Configuration files are not backwards-compatible.

Step 2

Save a backup copy of the current configuration of your appliance (with passphrases unmasked) on another machine. To do this, you can email the file to yourself or FTP the file. A simple way to do this is to run the mailconfig CLI command, which emails the current configuration file on your appliance to the specified email address.

Note
This is not the configuration file you will load after reverting.

Step 3

If you use the Safelist/Blocklist feature, export the Safelist/Blocklist database to another machine.

Step 4

Suspend any listeners on your Email Security appliances.

Step 5

Wait for the mail queue to empty.

Step 6

Log in to the CLI of the appliance you want to revert.

When you run the revert command, several warning prompts are issued. Once these warning prompts are accepted, the revert action takes place immediately. Therefore, do not begin the reversion process until after you have completed the prereversion steps.

Step 7

From the command-line prompt, type the revert command and respond to the prompts.

The following example shows the revert command:

Example:


m650p03.prep> revert
This command will revert the appliance to a previous version of AsyncOS.
WARNING: Reverting the appliance is extremely destructive.
The following data will be destroyed in the process:
- all configuration settings (including listeners)
- all log files
- all databases (including messages in Virus Outbreak and Policy
quarantines)
- all reporting data (including saved scheduled reports)
- all message tracking data
- all Cisco Spam Quarantine message and end-user safelist/blocklist data
Only the network settings will be preseved.
Before running this command, be sure you have:
- saved the configuration file of this appliance (with passphrases
unmasked)
- exported the Cisco Spam Quarantine safelist/blocklist database
   to another machine (if applicable)
- waited for the mail queue to empty
Reverting the device causes an immediate reboot to take place.
After rebooting, the appliance reinitializes itself and reboots again to the desired version.
Do you want to continue? yes
Are you sure you want to continue? yes
Available versions
=================
 1. 7.2.0-390
 2. 6.7.6-020 
Please select an AsyncOS version: 1
You have selected "7.2.0-390".
Reverting to "testing" preconfigure install mode.
The system will now reboot to perform the revert operation.

Step 8

Wait for the appliance to reboot twice.

Step 9

Log in to the appliance using the CLI.

Step 10

Add at least one Web Security appliance and wait a few minutes to allow any URL Category updates to be downloaded from that appliance.

Step 11

After URL Category updates are completed, load the XML configuration file of the version you are reverting to.

Step 12

If you use the Safelist/Blocklist feature, import and restore the Safelist/Blocklist database.

Step 13

Reenable any listeners on your Email Security appliances.

Step 14

Commit your changes.

The reverted Cisco Content Security appliance should now run using the selected AsyncOS version.

Note
It may take 15 to 20 minutes before reversion is complete and console access to the Cisco Content Security appliance is available again.