The 3495 does not come with an optical drive, so one option is to use a bootable USB drive. I suppose it could be possible to boot to a USB DVD drive, but I don’t have the time to mess with that option – especially if it ends up being that only certain DVD drives are supported. The other option is the CIMC method. We’ll cover the bootable USB method here and I’ll create another post for the CIMC method. One note of interest is that when you create this bootable USB drive, you’ll only be able to use it on one appliance. I thought that very strange – when I successfully used my USB drive to reimage one appliance, I moved it to the second one – but no joy. It simply hangs at GRUB. Just to be sure something didn’t go awry with my USB drive, I performed the bootable USB ritual again on a different USB drive (and different brand). The same thing happened again – worked as expected on the first appliance but would not work on any other appliances. If you have multiple appliance to reimage, I strongly recommend the CIMC method.
The instructions for booting to USB are included in the ISE 1.2 Hardware Installation Guide (http://www.cisco.com/en/US/docs/security/ise/1.2/installation_guide/ise_ig.html) but they aren’t verbose enough for me. First, they mention taking a few files from the iso file and using them to make your bootable USB drive. There are many network engineers out there that don’t know enough about linux to work that out on their own. If you have a Win8 box handy, you can open the iso file in Windows Explorer, navigate to the images directory within the iso, and copy those to a directory on your system. You can then transfer those to the Linux distro of your choice to run the script (if you are Linux savvy, you know you can do this natively in your choice distro). I used VMPlayer on my Win8 spare machine to spin up a CentOS instance. It is easy enough to mount the USB device so you can copy the iso and the separate scripts (one for making the USB bootable, the other to revert it back to a Win and OSX usable format) to the USB drive and then just copy the files to a directory on your linux system. From the VMPlayer top menu, you can choose Player->Removable Devices, choose your USB drive, and click Connect. This will cause it to be available to your linux OS. From the directory you dumped the scripts in, you can launch them as described in the ISE 1.2 HIG.
In addition, I decided to use CentOS 6.4 as my linux flavor of choice for performing this little ritual. CentOS is a great platform it seems, but the Cisco provided instructions do not work – even though CentOS is listed as a tested platform for this process. They don’t mention that syslinux is required (and may be installed by default, I’m no Linux guru to be sure), but the path included in the script does not work on CentOS 6.4 (perhaps other versions and other distros as well). The iso-to-usb.sh script calls for the syslinux files to be in /usr/lib, but in CentOS 6.4 they are in /usr/share. So, easy enough, just modify the script so that anywhere you see /usr/lib, change to /usr/share. I used vi to modify the multiple references that needed to be changed.
If for some reason you don’t have syslinux installed, you can install that by issuing the command “yum install syslinux” and away you go.
Also, for the uninformed (much like me on Linux), you do need to use /dev/sdb, not /dev/sdb1 in the statement where you are executing the script. “sdb1” is a partition, whereas “sdb” is the device. We want the device in this case. If you want to see what devices are currently mounted, just issue the command “mount -l” to see them.
Again, I’m no linux guru so if anyone sees issues with my statements above or if you know a better way to handle this, speak up!
**Update 8/14/13- I opened a case with TAC regarding my experience with this method. A developer came up with a new script that addresses the problem with /usr/share. The new script looks in /usr/lib OR /usr/share. This script is not available on CCO yet so if you need it, you may need to open a TAC case to get it until the next iso is published or they post it separately on CCO. The developer said they also tested making a bootable USB using this script and reimaging mulitple appliances. So, hopefully both issues are resolved. I’ll test the new script on my next project involving 3495’s.