Cisco Firewall :: How To Change Which Image Is Booted On ASA5510
Mar 18, 2011
I am wondering how to change which image is loaded by default on an ASA5510. I have two image files stored in the flash memory on disk0:/ but need to change which one is loaded on boot. I used the command "boot system disk0:/asa722-12-k8.bin" which completed successfully, but when the system starts it says two images exist and the default is 1, loading the previous file. Is there a command to change the order that is used?
View 2 Replies
ADVERTISEMENT
Feb 9, 2012
I'm have upgraded our ASA5510's from 7.0.8 to 8.4.3 and now I just need to do the ASDM, but get this error? The bin file has been uploaded: [code] Device Manager image set, but not a valid image file disk0:/asdm-647.bin.
View 3 Replies
View Related
Aug 4, 2011
i have an ASA 5510. it was running asa708-k8.bin and i have attempted to install asa821-k8.bin. i have done this on many ASAs before effortlessly.this time i have had an issue. the ASA will not load the new image, and for some reason will not even load the old.the ASA seems to just keep crashing. i have erased disk0 (advised in forum): and attempted to load the image from tftp. please see below. i know i need to re-formaet the flash, but cannot get into the ASA at all to complete this. [code]
View 2 Replies
View Related
Mar 10, 2011
we have two Cisco ASA 5510 in failover configuration.We tried to change the public IP address on the Outside interface of the primary device but it didn't works. The new IP is not reachable from Internet nor pingable from device on the same LAN.The new IP address is in the same subnet of the old IP.
From the switch on which the ASA is connected and from another Cisco PIX we can see the ARP entry. In the analysis, on the old public IP address there was a VPN site-to-site and Webvpn defined.We tried also to shut/no shut the interface and reboot the device.
View 1 Replies
View Related
Nov 12, 2011
My customer has purchased the standard Cisco 881 (Data) ISR router and now requires (Voice) CUBE services for the support of IP-IP gateway SIP services. I noticed there is multiple models for the Cisco 881 such as the SEC/3G & SRST. Any way to change the Universal image from Data to Voice to support CUBE if possible. Just want to try and eliminate purchasing new Cisco 881 with Universal image for Voice.
View 4 Replies
View Related
Nov 4, 2012
last month I bought in our China office a 2811c router.I asked (to a Chinese informatic company) a router to create a IPSEC - site to site VPN connection with an ASA.I'm not in China, and when they told me that router was power on, I tried to configure VPN.It was a bomb when I found that the image installed was "c2800nmc-spservicesk9-mz.150-1.M7.bin" not enough for my VPN, we need for example "c2800nmc-advipservicesk9-mz.150-1.M7.bin".Is it possible that in China this image is forbidden for VPN political restriction? - If I can, what's the Cisco procedure to change ios image? I must to buy an advanced license or I only register and download which image I need?
View 5 Replies
View Related
Nov 9, 2011
End user have had problem with IP phones that are connected to 3750 stack; many times IP phones lose connection with CallManager and the only way to clear this issue is with clear arp command. DHCP for IP phones is configured in 3750 stack.
At the beginning 3750 stack was set a VTP server, and the others as VTP clients, we detected another VTP server switch so we thought that was the problem, but after removing the issue remains. Finally we set all switch in transparent mode.
Base on this we decided to change the software image 12.2(35)SE1 C3750-ADVIPSERVICESK ---> 122-53.SE2 IPSERVICES I'm going to follow the procedure 3750 Series Switch Stack IOS Upgrade − Automatic .
as it show in the following information there are 4 differents models of 3750 switches, I have already download c3750-ipservicesk9-tar.122-53.SE2.tar for 3750G-24TS.
I have two doubts:
1. There is no problem for using this tar file for all models?
2. I followig command is correct for the change I plann to do ?
Switch#archive download-sw /allow-feature-upgrade /overwrite tftp://192.168.0.24/c3750-ipservicesk9-tar.122-53.SE2.tar
#sh inventoryNAME: "1", DESCR: "WS-C3750G-24TS" 16MB Flash 128 DRAMPID: WS-C3750G-24TS-E
[Code].....
View 3 Replies
View Related
Nov 21, 2011
when I was using image 1.0.0.27, I was able to move the management VLAN from 1 to which ever VLAN I wanted. For some reason, after switching the image to 1.1.1.8, I no longer have that function.
View 1 Replies
View Related
Mar 13, 2013
We have two 7510 WLC's and a bunch of AP's. I want to make sure I understand the license impact of what we are trying to do. Our AP's will not be up at all times and it's impossible to know when these AP's will be connected and booted up. They may be on for 2 days and then off for a month before booting up again. The question I have is once an AP registers to a WLC, is that license 'locked' and used regardless of whether the AP is up or not?
View 3 Replies
View Related
Nov 30, 2011
I have two 4506 switches in my organization. Recently the office was relocated and when both the switches were booted they ignored the startup config.The config-reg was set to 0x2101. No boot system command was configured.So I changed the config-reg of SW1 to 0x2102 and gave boot system command as stated below.When reloaded the switch booted to ROMMON and I had to manually boot the IOS.I want them to boot normally with IOS.Config of SW2 is not changed since relocation. I am specifying both configs bor your consideration. [code]
View 12 Replies
View Related
Jun 6, 2012
ASA 5510 have two model Bun-K9 and Sec-Bun-K9 from the datasheet find out difference Port related and Redundancy. My questions is : Have any major difference for Security service between two model ?
View 3 Replies
View Related
Dec 5, 2011
We have two ASA5510's, running IOS ver. 8.2(4). We setup Load Balancing on two ASA's. Will there be any problems if we change the IP address of the outside interface on one of the ASA's?
View 0 Replies
View Related
Mar 2, 2011
One of our ASA5510s lost VPN site-to-site connectivity (ASA v8.2(2); ASDM v6.2(5)53) to one of our other sites last night. The checkbox for Access Interfaces on the Site-to-Site area in Connection Profiles lost its checkbox for the external interface.
View 1 Replies
View Related
Mar 28, 2010
I have successfully setup the AnyConnect VPN (connecting to our ASA5510) and have split tunneling configured. My remote users can access inside LAN servers as well as the Internet from their remote location. What I would like to know is is it possible to change the split tunnel and not allow access to the Internet from the remote location but force the remote client to go through the VPN and out our internal edge firewall to the Internet? Basically I need my remote clients to access the Internet but I would like for their Internet traffic to go through the VPN and out our edge firewall. This will allow the same security as if they were sitting in the office.
View 4 Replies
View Related
Mar 29, 2011
I got a PIX 501 off ebay and im trying to upgrade it to have an ASDM image on it.Ive downloaded every copy of the ASDM image i can get my hands on, and when i transfer it to the PIX when its up and running i get out of memory, If i do it through monitor mode, i get the error "bad magic number" no matter what i transfer to itI can transfer a new image to the PIX (a non asdm one through monitor mode.
View 3 Replies
View Related
Aug 28, 2011
I have a pix 515, time to time the firewall start rebooting with invalid flash error I found erasedisk.bin in internet, after that i cant load pix532.bin ios file and others pix***.bin are not workingThe only file i am able to load is pix508.bin it,s start asking me activatin number before install I have a previous activation number ios version 5.3.2 but this number is not correct.
View 1 Replies
View Related
Aug 28, 2011
I just bought a used PIX515e. It is running version 8.0(3) and ASDM 6.1.5 Because I do not know the history of the unit, how can I tell if the image used came from cisco and not some download site? I guess I should've thought about this before buying it but hindsight is...you know. Worse case is that the person who had it before me dl the software that was infected with a backdoor or something else. I don't have a service contract so I'm kinda stuck.
Can I download the image from the firewall flash and compare a MD5SUM?
View 12 Replies
View Related
Apr 3, 2012
We are now using image 8.0(4) for my ASA 5510. Later on, I would like to upgrade the image to 8.4(3).May I have to know what difference for those images, what should I take care of the script?
View 1 Replies
View Related
May 16, 2011
I upgraded my ASA 5520 with the latest image. Now I get an error upon launching ASDM.Your ASA image has a version number 7.2(4) which is not supported by ASDM 6.4(1), use Device Manager version 5.2(x)Continue Anyway?
What are the newest, recomended image versions of ASA and ASDM I should be using?I will also be using the SSM-20 module with this setup, so I would like to stay with a working version of ASDM.
View 1 Replies
View Related
Jan 11, 2010
I need to upgrade the fwsm image from 3.1(10) to 4.0(8). Can i do it directly from 3.1(10) to 4.0(8) ?Do i need to upgrade other image also along with Firewall version 4.0(8)?
[code]....
View 5 Replies
View Related
Mar 17, 2012
I downloaded a new image to my ASA 5510 and found out up on reboot that the ASA doesn't have enough memory so I am booting to the "ciscoasa" prompt with no config. I still have my old image in disk0:. How do I roll back to this old image?
View 1 Replies
View Related
Nov 30, 2011
I have a pair of asa5520's in active/standby configuration. I plan on ugrading the asa/asdm images to 8.4 shortly (currently on 8.0) and would like to do this with zero downtime. Specifically, I would like to upload the new software to the standby unit, upgrade it, swap standby/active units and then upgrade what will become the standby after the swap.The problem I'm having is getting the new images uploaded onto the standby unit. I've read that the routing table is not shared from the primary and the USB ports are "for future use". I have no problem uploading the new images to the active unit via tftp...but can't do the same to the standby.
View 5 Replies
View Related
Feb 28, 2012
i am using asa821-k8.bin image, in my cisco 5520, How can i check if my IOS is vulnerable ?
View 4 Replies
View Related
May 1, 2011
I have an ASA 5505 that I was updating from frimware 8.04 to 8.41. Anyway, I went through the update procedure half-asleep and accidentally deleted the boot image right after I installed it (I used the CLI and put in the command del asa8*.bin then just hit enter a bunch of times, which of course means I deleted the old firmware too).
So now whenever I power up the ASA, I get the "Could not find boot file" error. Is there a guide somewhere that tells me how can upload another boot image to the ASA and set the ASA to boot it from teh ROMMON prompt?
View 1 Replies
View Related
Mar 22, 2011
I have a Cisco 5505 that had its disk erased (erase:disk0) and now I am trying to load a new image (822 or 813) from a tftp server.
From the ROMMON prompt I have configured the relevant parameters and run a tftp command.
The tftp transfer seems to complete successfully but then it gets stuck on "...loading".
I have tried different versions of IOS and I always experience the same problem, even though, with older versions of IOS (7.x), the device manages to reboot itself but then it crashes with the following error:
"Error : Uncompression of the image failed. invalid compressed data--format violated"
Could it be an hardware related-issue or a licensing problem maybe? or am I missing anything obvious?
also, with regards to the license: once restored, how do I get my 50 users license back?
View 5 Replies
View Related
Jun 11, 2012
I am able to ping from Switch to firewall inside ip and user desktop ip but unable to ping from user desktop to FW Inside ip.. config is below for both switch and FW Cisco ASA5510....
TechCore-SW#ping 172.22.15.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.22.15.10, timeout is 2 seconds:
[Code].....
View 7 Replies
View Related
Jun 29, 2011
I have two ASA5510's set up in failover, and the secondary keeps crashing after doing the interface checks when bringing failover up. This only happens if I try to upgrade the image on the secondary to anything newer than 8.4.1 (I've tried with 8.4.1-11 and 8.4.2). The primary one run just fine with new images.
I don't have the exact error right now, as I need to do a screen capture from console. It's just a huge crash dump.Are there anything I might have missed during the upgrade? Should I cold-boot both the firewalls in the correct order?
View 7 Replies
View Related
Jan 13, 2013
May I have to know how to check functions included for asa image NCI-ASA5520-BUN-K9?
View 2 Replies
View Related
Feb 16, 2013
we have an ASA5520 need upgrade new anyconnect client, but the new version is too big, so it's no enough space. I want to delete the ASDM image to free the more space. My question is when I delete the ASDM image,if I could manage the ASA from web browser?
View 5 Replies
View Related
Dec 15, 2012
Firmware asa805-k8 was installed and saved on an ASA5505. Upon power failure the ASA5505 reverts to an older firmware, asa724-k8. 1) Is it normal for ASA5505's to revert to older version upon power failure. 2) ASDM/web browser doesn't work using IE--username and password brings to empty screen. how to revert back to later image.
"
# sh ver
Cisco Adaptive Security Appliance Software Version 7.2(4)
Device Manager Version 5.2(4)
[Code]......
View 3 Replies
View Related
Jun 17, 2012
I've been trying to configure this Cisco ASA 5505 for days now. I used to be able to use the ASDM gui application, but i've since transitioned into using the CLI. Trying to go back to ASDM, it won't let me get back in, and when i try show asdm image, it says Device Manager image file not set. I have no CD for this device and I need that image file for the ASDM. How can I locate the file and install it on the router so I can use it?
View 2 Replies
View Related
Jun 3, 2012
The customer forgot the password for the ASA SSM-20 ips module installed in ASA 5520 Fw.show module in customer FW shows it up state. I brought it to our office teat bed. here it show
ASA1# sh module
Mod Card Type Model Serial No.
--- -------------------------------------------- ------------------ -----------
0 ASA 5520 Adaptive Security Appliance ASA5520-K8 JMX1022K03A
1 ASA 5500 Series Security Services Module-20 ASA-SSM-20 JAB101003C2
Mod MAC Address Range Hw Version Fw Version Sw Version
[code]....*-
what to do with this module in my test bed.I have to take it back to the customer site to use it in their ASA itself to troubleshoot.There it the status is up and i did use all the hw-module option but no use. The version is 5.0. This module is more than 5 years old and so far no one upgrade the image. ASA 5520 running 8.2.5.
View 8 Replies
View Related
Mar 27, 2011
I'm running a couple of 5520 (with failover configuration) and fw 8.3.1. Everything worked fine until I try to upgrade firewall to new fw version: 8.4.1. [code]
When I try to upload new firrmware or asdm image, ASA, the appliance reboots during tftp session. I've already tried to upload new images on both appliance, or use CLI either ASDM, but the result is always the same: ASA reboots.
From my point of view, the problem isn't the image but could be the firmware I'm running, becouse using fw. 8.0.1 I was able to upalod asdm 8.3.1, but using fw 8.3.1 I can't upload the same image.
View 2 Replies
View Related
