Cisco Firewall :: ASA 5550 - Cannot Copy IOS From Flash To PC
Jan 8, 2013
I just got a brand new ASA 5550, i configured the port g0/0 on asa with an ip address 192.168.10.1 then configure my computer with ip 192.168.10.2 and default gateway is 192.168.10.1. I'm able to ping the asa from my computer. I remote to ASA thru the console port and try to copy iOS from flash to my pc but it doesn't work.
Cisco asa# copy flash tftp://192.168.10.2/asa804-k8.bin
Source file name []? asa804-k8.bin
Address or name of remote host [192.168.10.2]?
Destination file name [asa804-k8.bin]?
Writing file tftp://192.168.10.2/asa804-k8.bin...
!%Error writing tftp://192.168.10.2/asa804-k8.bin (Timed out attempting to connect)
Cisco asa#
View 3 Replies
ADVERTISEMENT
Jul 19, 2011
I am using TFTPD32 to upgrade the IOS on a router. When I type in the commands copy tftp flash and enter all the necessary information, the router sits for a minute or so and then times out. There is no entry made in the log when it times out. copy flash tftp yields the same result. The fa 0/0 interface and the TFTP server are both on the same subnet and can successfully ping one anothe
View 16 Replies
View Related
Feb 26, 2012
Trying to copy the system image file from the sup-bootflash to a new 64MB ATA flash card. Yes the software can support the 64MB card.
The ATA flash card was formated successfully, however I cannot copy the system image to it so that it can boot after a power loss.
The command I tried was: console(enabled) copy sup-bootflash: slot0:
The source filename was typed in as shown in the Show Verison command.The result was: Error opening slot0: no such device.I suspect that I am missing something obvious as I am new to Cisco Switches.
View 1 Replies
View Related
Nov 9, 2011
Is it possible to use the USB ports on a ASA5510's to copy files onto the flash?
I have not been able to find any ionfo on this in the users guides ?
View 2 Replies
View Related
Feb 24, 2012
I have a really stupid problem with my RV042. The main logon password has expired but it will not let me change it at all. Basically I try to login but get the error 'The old password has expired. Please change the password'. But with no prompt at all for a new password and just a return to the login page. Tried various different browsers, tried the old default password but nothing will work. There seems to be no way of changing it and I cannot login.Am I missing something glaringly obvious? I really don't want to reset it to default as I have numerous VPN tunnels configured and various other settings.
View 2 Replies
View Related
Feb 20, 2012
I have a 3550 switch that I am trying to upgrade the IOS on.I am trying to copy to a TFTP server.I am receiving a socket error. [code]
View 3 Replies
View Related
Jun 19, 2012
I have two Routers (C1812 & C1841) each having different version of IOS images. I was wondering if its possible to copy IOS image from flash of one Router and use it to upgrade another.
View 2 Replies
View Related
Jul 9, 2012
I am trying to research the possiblity of backing up IOS and configurations from an Etherswitch module, and being able to store the files onto the Host Router's flash (3925 ISR). and then being able to recover that IOS and configuration, in case I have to replace the Etherswitch Module.
View 4 Replies
View Related
Jul 27, 2011
I m unable to take backup of Switch c2960 using
#Copy flash: tftp
while i m taking it show some error
t#copy flash: tftp:
Source filename []? c2960-lanbasek9-mz.122-44.SE6
Address or name of remote host []? 10.23.120.15
Destination file name [c2960-lanbasek9-mz.122-44.SE6]?
%Error reading flash:c2960-lanbasek9-mz.122-44.SE6(Is a directory)
sh flash:
Directory of flash:/
2 -rwx 1919 Mar 1 1993 10:27:17 +05:30 private-config.text
3 -rwx 11056 Mar 1 1993 10:27:17 +05:30 config.text
4 -rwx 804 Mar 1 1993 05:30:42 +05:30 vlan.dat
6 -rwx 2072 Mar 1 1993 10:27:17 +05:30 multiple-fs
7 drwx 192 Mar 1 1993 05:37:02 +05:30 c2960-lanbasek9-mz.122-44.
SE6
View 1 Replies
View Related
Feb 20, 2012
I have a 3550 switch that I am trying to upgrade the IOS on.I am trying to copy to a TFTP server.I am receiving a socket error.I saw that this can be fixed with
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no service config
Switch(config)#exit
Switch#
00:13:47: %SYS-5-CONFIG_I: Configured from console by console
Switch#reload
I have done this 3 times to no avail.My TFTPd32 server on my pc is working fine.Here is the error
Switch#sh flas
Directory of flash:/
2 -rwx 556 Mar 1 1993 00:33:53 +00:00 vlan.dat
4 -rwx 3775 Mar 1 1993 00:37:54 +00:00 config.text
5 -rwx 24 Mar 1 1993 00:37:54 +00:00 private-config.text
6 -rwx 5687963 Mar 16 2007 01:05:23 +00:00 c3550-ipbasek9-mz.122-25.SEB4.bin
8 drwx 192 Mar 1 1993 00:04:40 +00:00 c3550-i9q3l2-mz.121-22.EA1a
[code]......
View 14 Replies
View Related
Dec 7, 2011
I am trying to configure a switch that was given to me. They don't know the password to anything. I have already tried to recover it. The problem is, the switch doesn't load flash, or will copy flash from xmodem either. It also doesnt load the helper or boot. It is user mode and lets me do nothing. It doesnt let me use the enable command to get into it. I would like to start the config from scratch. Its a 3500xl switch, 24 ports. I dont know what to do with it. I am trying to study for my CCENT Exam and would like a switch that worked.
View 8 Replies
View Related
Feb 6, 2011
When I try to copy ios to one flash in router 2801, I receive the message of of insufficient memory, and have the follow out in the next command: [code] This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.
View 6 Replies
View Related
Oct 5, 2010
I have a cisco 3750 swicth which i want to load a new ios to but unfortunately there's no enough space on the flash. This means that i need to backup the cureent (old) ios to my tftp server but the command keeps failing. It always gives 'No such file or directory' error .The free space on the flash is 8mb and my new ios is about 11mb.I also went inside the directory where the old is and inputed the same copy command but to no avail.Below are some of the command failure on the swicth:
[code]....
View 25 Replies
View Related
Feb 22, 2012
I recently posted this same issue the other day, using TFTPd32. Now i am pretty close to fixing it. I do have a different setup; my pc ethernet port is broken so I am using an ethernet/usb adapter. I am attempting to backup my IOS from a 3550 switch to my PC.
This is the error I am getting. Code...
View 5 Replies
View Related
Jul 7, 2011
How do I save/copy all of the router configuration entries onto a memory/flash usb drive? I did not configure the router myself (out of town when purchased). I have already downloaded the manual for that router and I want to understand exactly what she (person who configured router) did and identify any mistakes she might have made. Once downloaded, I assume I can print out all configuration settings.
View 3 Replies
View Related
Mar 3, 2011
i two 5550 firewall set up for redundance purpose . in failover we define two different ip add one for primary and one for secondary .interface Ethernet0/0 nameif outside security-level 0 ip address xxxx.0.0.0.1 255.255.255.0 standby xxxx.0.0.2!interface Ethernet1/0 nameif inside security-level 100 ip address 10.0.0.12 255.255.255.0 standby 10.0.0.11.default gateway for host will be 10.0.0.12 (primary fw address) however in case of failover , the secondary fw will be up with ip address that was assigned for primary .in this case the secondary ip add 10.0.0.11 is actually nerver used? similarly do i need to have two public ip address for outside (one for primary and one for secondary ) ? or in case if primary fails the secondary comes onlie and take the ip of primary fw . hence i only need to purchase just one ip address.
View 6 Replies
View Related
Feb 22, 2013
I have cisco 5550 Firewall, one messages appear in syslog server from Firewall, (warning) i want to stop this message from appearing syslog traps.
View 2 Replies
View Related
Apr 17, 2011
I am having two ASA 5550 firewall running in active/standby mode. With in last two months our secondary firewall got down automatically 3 times. Firewall is running with IOS version 7.1.2. how to proceed further troubleshooting because there are not any logs on firewall.
View 3 Replies
View Related
Aug 7, 2011
I have seen similar questions but with not a lot of answers for the ASA platform. As the title states, What procedures can I use to copy a pre-existing configured CISCO ASA 5520 to a brand new CISCO ASA 5520. I have found a URL that seems to answer some questions but not all. [URL]
The URL talks more about the PIX's than the ASA
Is there any documentation or shorter procedures for product specific on the 5520?
View 1 Replies
View Related
Mar 28, 2011
The FTP server log shows no hits, from 192.168.1.4 I can telnet to 5505 no problem.
Doing everything on inside interface eth0/1, ftp server shows up and arp table of 5505 has correct mac for 192.168.1.4
ciscoasa# copy ftp://bob@192.168.1.4/asa841-k8.bin disk0:
Address or name of remote host [192.168.1.4]?
Source username [bob]?
[Code]...
View 2 Replies
View Related
Oct 29, 2012
I made an ASDM upgrade for one of my two CISCO ASA 5520. If I copy a file to the primary ASA's flash, is there any command I can run on the primary ASA to copy a file to the secondary ASA?
View 1 Replies
View Related
Aug 16, 2011
I was trying to upgrade from 8.3.1 to 8.3.2. but I am unable to copy via tftp to the ASA flash or disk0:
ASA5520# copy tftp: flash:
Address or name of remote host []? 10.88.127.153
Source filename []? asa831-k8.bin
Destination filename [asa831-k8.bin]?
[code]....
Half way thru writing to the disk, it goes for a reboot. There is more than enought space on the disk0. I tried copying via a Compact Flash, but the ASA is not detecting the Compact Flash (which I thinks should be disk1). I tried copying a asdm file, even that also went for a reboot.I am stuck now, unable to upgrade
View 12 Replies
View Related
Nov 13, 2008
I have SSH and SCP enabled on the ASA 5510. I can SSH fine into the device. However, I cannot copy files to the device usng WinSCP. Used all options but nothign seems to work. I see the log authentication successful, but then WinSCP reports no response from ASA.
View 5 Replies
View Related
May 13, 2011
I have ASA5550 ruuning Version 8.3(1) with inside and outside interfaces as below [code] On the inside : I have a server (10.20.10.36) that need to be accessed from an outside host (Y.Y.131.34) , so I have the below NAT/ACL rules. [code] is it right that I have to add two ACL entry for outside host to the NATed IP of the inside server , then again add another ACL entry from the same outside host to the private IP of my inside server o get this communication done?
View 7 Replies
View Related
Jan 31, 2012
we had just installed our ASA 5550 with IOS 8.0(2) a couple of week ago.
2 interfaces from each slot are being used ie 0/0 for Branch users comming via MPLS cloud , 0/1 for internal LAN users comming form Core Switch & 1/0 for Server farm LAN , 1/1 for Internet (outside)
the first 3 interface are considered inside with sec set at 100 while the 1/1 is outside with sec at 0.
Last night it suddenly started dropping all connections without any warning or any noticible log form the ASDM logging.
the connection drop would happen for 2 - 3 minutes and would work fine for the next 15 minutes or so..
after conencting the console , we found out that the IOS would suddelny go abrupt and show this display ...
TP-ASA(config)# TP-ASA(config)# TP-ASA(config)# Thread Name: Dispatch UnitPage fault: Address not mapped vector 0x0000000e edi 0x24d184b0 esi 0x0000000d ebp 0x1c6ceaf8 esp 0x1c6ceae0 ebx 0x09e965e0 edx
[Code]....
View 2 Replies
View Related
Oct 4, 2011
I have looked in the books I have (Cisco ASA, PIX and FWSM; ASA 8.0) and googled a good bit but can't seem to find any specific mention of how to do NAT exemption with v8.4. It seems NAT exemption (NAT 0 access-list) was deprecated. Using ASDM, there's no corresponding menu item for this that is obvious.
We have public addresses inside the ASA and want to allow in/outbound connections using these IP's without NAT. The ASA is a 5550.
View 7 Replies
View Related
May 21, 2013
I need to understand if ASA 5550 ver 8.2(1) is comptible with IPv6, if not what is the upgrade path to make it IPv6 compatible. The requirement is dual stack of IPv4 and IPv6 should run in the same HA cluster and later will shift IPv6 completely.
The existing infrastructure is equipped with ASA with HA Active/Active mode. The command output for required details are attached here in txt mode.
View 2 Replies
View Related
Mar 10, 2013
I have Active Standby ASA5550 setup with VPN premium license. A few days back we had a requirement of SSL VPN connection for and we got a temporary from Cisco for same, this license expired and the ASA reverted to it's original license. 3 4 days after this we saw a sudden increase in CPU utilization (upto 90% + -5%) on the ASA during production hours but were not able to figure out the reason, in order to restore the services we failovered the firewall to secondary and everything worked fine. We were suspecting one of the following but there were no logs for any of this
1. The ASA hardware was haivng problem
2. Some client was doing a DoS attack to bring down the ASA (no logs for this as well).
We took a downtime to look further by failovering the ASA back to primary and it worked fine without any issues ruling out the 1st option. We also came across a licesing doc [URL]
Downgrading any license (for example, going from 10 contexts to 2 contexts).
# Note If a temporary license expires, and the permanent license is a downgrade, then you do not need to immediately reload the security appliance; the next time you reload, the permanent license is restored.
As per this doc, sooner or later a restart was required on the ASA. We restarted secondary ASA and everthing was fine but when we restarted the primary ASA by swtiching over to secondary some of the server (not all) in the DMZ stopped working (even ICMP unreachable) and only came back to normal when the primary ASA was restored and working fine (with failover).
The reboot was done by shuting down the physical link between the Core switch and ASA inside individually.
I am not sure what could be the issue that the servers in the DMZ wen unreachable.
View 0 Replies
View Related
Aug 9, 2010
In my Cisco ASA 5550, I need to set two different syslogs servers, and I need to send the system logs to the first one (only admins login/logout), and the traffic logs and all the rest (informational level) to the second one. Do you know if is it possible or not and, if yes, how to configure it?
View 6 Replies
View Related
Jun 12, 2011
I would like to work with two ASA's 5550 in HA (Acitve-Standby) like perimetral firewalls and also work with another ASA 5540 but like a SSL VPN Remote Access to end users.Which will be the best topology to this scenary?. Perhaps i need to put the ASA 5540 SSL VPN together with the ASA's in HA directly in a port.
View 1 Replies
View Related
Apr 26, 2011
I am using an ASA5550 for a complex secure network that has at least six "outside" networks. Each "outside" network is assigned to a specific port each set at level "0". I also have a DMZ, set to level "50". I am having difficulty with passing traffic from a host in the DMZ to all but one of the "outside" networks. Is there a limit to the number of "outside" interfaces? I will provide a redacted config file as soon as possible.
View 3 Replies
View Related
May 10, 2013
i have Cisco ASA 5550 and i want to do URL filtering using Web sense,can i use Micorsoft Forefront TMG2010 as websense server to do that?
the idea is to filter the HTTP & HTTPS URLs,if the Micorsoft Forefront TMG2010 is not suitable,refer to suitable Websense URL filtering server?
View 2 Replies
View Related
Oct 3, 2011
I have the following problem, right now we have an ASA 5550 connected to the client´s side. A reset is being received on the client´s side, but when we run the sniffers on both extremes of the network, we can see that the reset is not being sent by the server´s side.
We have narrowed it down to the 5550 ASA, but have found no bug that matches the description.
The characateristics of the reset packet are the following:
- It is the only packet with a TTL of 255.
- Both server and client have very different window sizes, and the reset packet even though has the server´s ip and port as source of the packet, it has the client´s window size.
- It has a correct ack number.
-Before the reset is received, there are a couple of retransmissions of the last packet sent.
- We´re handling a VPN tunnel between both servers.
View 1 Replies
View Related
