I am in the process of setting up the ASA5520 with the latest 8.4 firmware latest Anyconnect 3.0.
Unfortunately, the internal memory is sufficient enough for the ASA ASDM only. It says not enough memory when I tried to tftp the Anyconnect pkg.There is a external flash slot at the back of the ASA, I've inserted a 256mb CF card but when I do a show disk1: it shows
I am needing to upgrade the Flash card on our current ASA from 64mb to a 1GB card to make way from upgrading from 8.0 to 8.4. When i copy all the contents from the 64MB card through a card reader i am not getting the startup-config file copied over. I checked to make sure that all hidden files are shown, but i am not seeing it. I backed up the startup-config from the old 64mb card to a tftp server before switching the cards out. Is their something that i am missing?
how to storage the DHCP IP table in a external flash of a router. This is because the router is switched off and switched on everyday but I want that it remembers which MAC is associated with which IP when it starts again and avoid IP duplicate problems. The command "lease" doesn't seem useful here.
Recently purchased an EA4500 router and it is connected to the Internet. One of the reasons we purchased this router was to take advantage of the usb port (only 2.0 unfortunately) to be able to share media across the network. I spent over two hours on the phone (4/16/2012) with Linksys Tech support trying to get this feature to work. When using a little flashdrive I can easily find the connected usb device. However, when trying to connect to an external hard drive, it will not connect. I tried three different external hard drives, a Western Digital 500 GB Elements drive, a Western Digital 2 TB My Book Elements drive and even a portable 1.5 TB Seagate FreeAgent drive. Every drive had the same result. In fact after plugging each one into the EA4500 and then selecting Safely Eject and then plugging them into my computer, each one had to go through the Fix process in order to work again. I tried this several times. Linksys Tech Support could not get it to work either, and they even used remote access. When going into the web interface of the EA4500, the router sees the external drives attached to it. However, only the little 16GB flash drive can be seen by the computer. I know there is a list for approved devices that work with a different device, the E4200 [URL]
It looks like my devices are there but nonetheless its not working. Really not sure why the router can see all of the devices but only the computer can see the flash drive.
Trying to copy the system image file from the sup-bootflash to a new 64MB ATA flash card. Yes the software can support the 64MB card.
The ATA flash card was formated successfully, however I cannot copy the system image to it so that it can boot after a power loss. The command I tried was: console(enabled) copy sup-bootflash: slot0:
The source filename was typed in as shown in the Show Verison command.The result was: Error opening slot0: no such device.I suspect that I am missing something obvious as I am new to Cisco Switches.
With regarding to the firewall ASA5520, i'm using it in my network, all the confiuration are properly configured and working but with the use of proxy address in internet explorer(e.:206.53.155.129/3128) all the blocked contents as easily accessible simply it bypass all the network through firewall.so will u guide me to block the proxy servers.
I have two asa 5520 firewalls. one at my primary data center connected to our production Internet feed, and one at my fail over data center connected to a backup internet feed. I was wondering if there was an easy way to keep the firewall rules in sync between the two firewalls. We have failover with our isp that will move our public facing address block from our primary site to our dr site in the event of a disaster so the ip addresses will not change if we were to have to fail over to the DR site. currently i just have to do any changes that i make on the fail over server but would like a way to at least simi-automat this if not fully automat this so that i can eliminate the possibility of human error of a change happening at primary but never getting don at DR.
We have a customer that has a ASA 5525-x reporting only 4g flash memory rather than 8g has any 4g version of the 5525 or is the IOS reporting incorrectly the size, as it seems to be embedded on these units as a USB disk internal.
I just got a brand new ASA 5550, i configured the port g0/0 on asa with an ip address 192.168.10.1 then configure my computer with ip 192.168.10.2 and default gateway is 192.168.10.1. I'm able to ping the asa from my computer. I remote to ASA thru the console port and try to copy iOS from flash to my pc but it doesn't work.
Cisco asa# copy flash tftp://192.168.10.2/asa804-k8.bin Source file name []? asa804-k8.bin Address or name of remote host [192.168.10.2]? Destination file name [asa804-k8.bin]? Writing file tftp://192.168.10.2/asa804-k8.bin... !%Error writing tftp://192.168.10.2/asa804-k8.bin (Timed out attempting to connect) Cisco asa#
In order to do a flash upgrade on a 5510, is there any way to get the files from the existing flash onto the new flash before you replace existing flash? Is there an online procedure?
How do you save the command output from the CLI to a file on flash?
With IOS, I would normally use a pipe command to redirect to tftp, but the ASA doesn't support this as far as I can tell. As a work around I was thinking I could save the output to flash and then tftp that file off the ASA.
I need to upgrade the ASA 5520 from OS 8.2(5)26 to 8.2(5)33. the ASA only has 64M of flash. I have a 256M flash card. What are the steps to upgrade the flash? I am not sure how it will boot up because the new flash will be blank?
I deleted the flash from an ASA5510. I was able to tftp a version back into the device, but cannot seem to correctly have the box boot from this flash. I get the following error:
!WARNING: BOOT variable added, but not a valid image disk0: /asa831-k8.bin *** Output from config line 41,"boot system disk0:/asa83..."
I have tried every save syntax i can think of to save this flash, but have yet to have it boot with an image ( I keep booting into ROMMON and have to tftp the image back in)
I was trying to erase some bad test configs on my 5505 with a write erase, but all VLAN and Ethernet configs remained. I hastily decided to do an erase flash. No I'm stuck at a ROMMON prompt with no image found to boot I'm hoping I don't have to TFTP a factory image. How do I find the images on disk0 and copy them?
My client has had to replace their ASA 5510. Upon importing the image to the brand new ASA they are unable to write to the flash.
They have run fcsk disk0: to no avail. show file system show 0 and 0 for Flash size and Free space on disk0.
Is there anything that can be done, short of formating flash and trying to reinstall the image? I have asked them to reload the ASA but they are reluctant to do so as they don't want the site to lose connectivity.
I need to upgrade the compact flash of my ASA 5510 from 256MB to 512MB. A friend's recommendation was to buy a card reader, copy all of the data from the existing card and paste it to the new compact flash. I have a hard time believing that it's that straight forward.
Any safer, more foolproof way of migrating between flash cards?
Currently my ASA5510 has a 64MB internal flash. Does the ASA require a higher capacity flash for an IOS upgrade from 7.2(x) to 8.2(x)? The Cisco Release Notes does not state any internal flash requirement, but just wanted to double check.
I have pix 535 and wanted to erase the flash files (faulty) which already utilised 13 mb .so i cant upload new ios so i want erasedisk.bin ,i also have CCO account.
I recently upgraded the flash and the RAM on one of my ASA 5505 lab machines. The flash was upgraded from 128 to 512MB and the RAM was also upgraded from 256 to 512MB. I am using asa845-k8.bin. The firewall boots and runs file until you issue the reload command. The system shuts down but never reloads.
I have an ASA 5520, currently running version 7.25-k8. I'm preparing for an upgrade to version 7.25(4), so I transferred the software code (obtained via Cisco download) to the firewall vis SCP. I then issued the "verify flash:asa725-k8.bin" and it fails. It comes back with the error that the CRC did not verify, Data Integrity has been compromised". My first thought was the image did not copy correctly, so I deleted it and transferred it again. I got the same error. Then I decided to run a verify against the actual current code that was running on the firewall, and it came back with the same error. I don't understand what the problem is. I don't tend to think it's an SSH key related problem, as the method I use to access the firewall is via SSH and I have no problems. Worth noting,this firewall is part of an active/standby pair, and I observe the same behavior on the failover unit, it fails to verify.
I was handed a firewall ASA 5520 but without external flash, I want to confirm that the ASA at least boot from rommon mode boot must have the external flash connected? I connected to power and I connect it by the console port it did not show any boot.Additionally I can confirm it is possible that you can connect a flash of a previous ASA model, say a 5510?
I need to upgrade the flash memory of the ASA 5520 from 256Mb to 512Mb. As far as I realized the built-in flash memory called system compact flash and there is also an empty slot which it is possible to install a user flash.
What is the difference between user and system compact flash? and for upgrade can I just insert the user compact flash or do I need to upgrade the system compact flash? Where can I find the part number for each type?
I have a asa5520 with five Internet IP.One for the internet interface and the others are static maped to dmz hosts. It runs rightly until yesterday.Now it will lose the connection to the gateway many times everyday and the dmz hosts can not connect to internet any time. configuration(simplified):
! interface GigabitEthernet0/0 nameif internet security-level 0
[Code]....
I called ISP to check,when ISP clear their router's ARP, the asa will lose the connection at the same time and then the ISP's router couldn't learn the ASA's MAC. After I 'clear arp' manually,The ISP's router can learn the ASA's MAC and the connection recovered,but the DMZ's cann't access internet still (of course,There is no problem between DMZ and ASA ,I ping the internet gateway from DMZ host and can not get any reply.).
We have 2 x ASA5520 and I upgraded this to 8.2.2 last year, I see 8.2.5 and now 8.4 is out. If we are having no issues, is it best just to leave it as it is? I can see a couple of features I may find useful in 8.2.5, but 8.4 seems like a huge jump and a risky one too.
I am trying to introduce an ASA5520 to my network based on the following diagram: ISP Internet ------> ASA5520 ------- > Cisco Router ------> LAN. The problem is I cannot ping the ASA from the LAN. I can ping it from inside the router. I already allow ICMP within ASA. If i remove the cisco router and replace it by a swich, I can ping the ASA with NO problem.
We want to use ASA5520 but both Firewall have different CPU. One has CPU Pentium 4 2400 MHz and another has Pentium 4 Celeron 2000 MHz. Can it be configured for replica / failover?
We have 2 firewalls on PIX facing the Internet and connected to interface e1 (behind it) an ASA version 8.3 Both the PIX (Firewall facing) and the ASA are on the same subnet.
By using Routing statements and statics I have been able to reroute specific traffic to the ASA5520 version 8.3 Now I need to inverse the 2 devices. The ASA5520 will be facing the Internet and the PIX will be behind it.Unfortunately the ASA5520 is refusing to route the traffic to the PIX. The access-lists are open accordingly and a NAT on the ASA has been created.