Cisco Firewall :: How To Restore Factory Configuration On ASA 5505

Jun 18, 2007

while configuring my ASA 5505 I changed the IP address range of the internal network. Obviously I made an error because I cannot reach the box neither at the old nor the new address. How can I restore the interface and firewall definitions or reset the box to its initial state ? I found a doc how to reset the password, but not explaining how to restore the complete initial config.

View 10 Replies


ADVERTISEMENT

Cisco Firewall :: 5505 - Restore Configuration From Other ASA

Sep 26, 2012

I have the configuration file of the ASA  5505 I have another exactly model that asa is new but  this my first time working with an ASA.
 
I going to configure it an  ip address  in the  0/0 interface and then use TFTP to upload the config to the   start-up config and the save it and reload the ASA.

is that enough? or the ASA has  extra steps??

View 3 Replies View Related

Cisco Switching/Routing :: Restore 881-SEC-K9 Factory Startup Configuration?

May 21, 2012

I messed up  the IOS on the flash of CISCO881-SEC-K9. On reboot it booted to ROMMON which allowed me to tftp up a working IOS c880data-universalk9-mz.151-4.M3.bin. Unfortunately somewhere in my playing around the default startup configuration factory loaded on the routerhas been erased. I can load a new a config on the device but as I'm using the router to learn its useful to have the original config load when I factory reset the device. What is the factory start up config?

View 3 Replies View Related

Cisco Firewall :: How To Restore Configuration To PIX 506E

Mar 22, 2011

What is the easiest way to restore my config?  I backed it up yesterday with my tftp server.  Today I made some changes and messed some things up and need to restore the config from yesterday.

View 1 Replies View Related

Cisco Firewall :: ASA5510 Configuration Restore After Being Replaced By RMA

May 29, 2011

Have a 5510 in Routed mode, simple Static NAT to interface two networks (inside_1 is my private space, and outside_1 the larger intranet that hosts heavy traffic). outside_2 faces internet via pppoe just for VPN purposes.
 
It was operating fine for one year then one port broke (outside_2, internet), leaving no vpn. We followed RMA service replacement and the new unit came with upgraded SW (8.0.4) than the one the original config was created on (8.0.2).
 
To ease the replacement, I did downgrade the sw boot image. Then I did restore the config by tftp to the startup-config and then a reload. Everything seems to load fine.
 
Problem is that testing reveals some sort of issue: I can ping some of the intranet hosts but can't reach gateway, thus larger segment of hosts become unreachable. It seems as if the NAT mechanism can't find the next gateway where to hop. For debug practice, I've enabled all the icmp stuff so ping wasn't being blocked by the device.
 
Being given the fact that this config was up and running prior to the replacement, I've no reason to suspect any mysconfigured items (ie routes, NAT, access-list), but obviously I'm obfuscated and can't see what else I'm missing.
 
How is that possible that the PING only reaches certain hosts? Pinging to 10.15.5.90 works (Route is 0.0.0.0  0.0.0.0 to 10.15.5.126 (gw)), but pinging to the gateway itself doesn't (10.15.5.126) and even worse, hosts like 10.15.167.210 do not respond either.

View 2 Replies View Related

Cisco Firewall :: Restore Configuration To New ASA5505 On Different ASDM Version

May 27, 2013

so we have been using our current ASA5505 for a long time. Since it only support up to 10 VPN licenses, so we buy a new ASA5505-SEC-BUN-K9(support up to 25 users).
 
the old ASA are running: 8.0.3 and ASDM 6.0.3
the new ASA are running: 8.2.5 and ASDM 6.4.5
 
I thought it would be simple as export and import the config file, but when i tried to restore, the new one is looking for a zip file but the old one doesn;t backup file in ZIP. It  looks like i need to update the ASA version or/and ASDM?
 
I am pretty new to this and never upgrade any of these versions since I am aware of the upgrade may mess things up. So do I need to upgrade both the ASA version and the ASDM in order to restore my config?  any effect if i do the upgrade? I also read some articles, we need to upgrade on the version one by one, like 8.0 to 8.1 then 8.2?

View 4 Replies View Related

Wireless :: Factory Restore On Computer?

Sep 21, 2011

My wireless adapter isn't recognized on my computer now :( it was working perfectly before. My computer keeps saying there is no driver for my adapter?

View 1 Replies View Related

Limited Connectivity After Factory Restore?

Jun 12, 2011

my name is Nathan and I have ran into an issue with my LAN. I recently did a factory restore by pressing F11 at start up due to corrupted Windows files. Now that I have restored my computer, I get a "limited connectivity" to an "unidentified network" I tried all the Windows repair options, I powercycled my modem and my router and I unplugged and replugged my LAN cable.

View 9 Replies View Related

D-Link DIR-655 :: Restore To Default Factory?

Nov 19, 2012

I wonder how i can restore my router to its defalt settings if my reset button is broken and the router has lock the mac of my pc. Can i connect the router to my pc and access it from it?

View 7 Replies View Related

Cisco :: Series 800 Factory Default Restore?

Feb 1, 2013

I'm having trouble with an 800 series router. Work has borrowed it to me so i can practice for my icnd2 exam. Only problem is it has a username and password on it. I have been told i can wipe the device and start over. but i cant get in to the user mode or any mode's as i don't have the user name and password. Is there a way of resetting the router back to factory defaults with out logging in to it?

View 2 Replies View Related

Cisco WAN :: Can't Factory Restore 1711 Router

Feb 22, 2012

I found a Cisco 1711 router in our storage room and I want to factory restore it so we can mess around with it or use it as a backup.
 
I connected a console cable to it and in Hyperterminal on a Windows XP box I want to try the CTRL+BREAK sequence to clear it out.  I'm not concerned with the current config or finding the password, I just want to wipe it like it's never been used before.
 
This is what I get:
 
System Bootstrap, Version 12.2(7r)XM4, RELEASE SOFTWARE (fc1)
TAC Support: [URL]
Copyright (c) 2003 by cisco Systems, Inc.
C1700 platform with 131072 Kbytes of main memory

[Code]....

View 2 Replies View Related

D-Link DIR-615 :: Restore The Router To Factory Reset

Feb 1, 2010

I have installed DD-WRT firmware onto my new D-Link DIR-615. It causes some problems and I'd like to re-flash router with orginal firmware. After turning router on with Emergency Room mode and choosing right (as for me) image file I'm getting "Unable to upload the image, please make sure the uploaded file is the correct image." Information.

Firmware downloaded from: [URL]

How can I fix my router? Which firmware file will be correct if not an original?

View 9 Replies View Related

Cisco Wireless :: 3502i - How To Restore The Factory Settings

Jul 18, 2012

The ap 3502i has been registered to the wireless controller, but now want to restore the factory settings, repeated after the upgrade or will appear before the registration information of the wireless controller,

View 3 Replies View Related

Cisco Wireless :: 1121G Steps To Restore To Factory Default

Oct 11, 2012

I currently have 2 cisco aironet 1121G access points. Both of which I believe had an image fail during an upgrade from autonomous mode to lightweight mode. I have tried to reset these access points as directed from Cisco's instructions. I have done a reset (amber light on the middle) and a factory restore (red light in the middle) They go through the steps to restore to factory default, however, after what I believe is an attempt to pull a dhcp address before defaulting into 10.0.0.1 ip address, the access point restarts. This is happening to both of them. After they reset and go through the series of memory tests, I am able to get all three solid green lights, they stay lit for just 15 seconds (rather than 5 minutes so that i can load a new image) I am not sure why they are behaving this way. I have tried as many different possibilities resetting with the mode button. There is no console port on this model of access points so i am unable to manage it otherwise.

View 1 Replies View Related

Cisco Firewall :: Factory Default Config On ASA 5505 With 8.4.1?

May 1, 2011

What is the factory default config on ASA5505 with 8.4.1?

View 3 Replies View Related

Cisco Firewall :: Cannot Reset 5505 To Factory Default

Apr 10, 2011

i have a new 5505 and i have done a few configurations on it. When i try to reset it to the factory settings via asdm i get an error saying it could not be done. I have used config-factory-default using the cli option available in the asdm. I am using asa 8.2 and asdm 6.2. Will erasing the flash reset to factory defaults.

View 4 Replies View Related

Cisco Firewall :: ASA 5505 Doesn't Reset To Factory Default?

Jun 20, 2011

Why when I try to reset Cisco ASA 5505 by pressing  the button behind the hardware nothing happen? Just via software I can reset it?
 
I bought the hardware an year ago and I've never used, the problem that I don't have the blue cable and via software connecting to PC doesn't work.

View 6 Replies View Related

Cisco Firewall :: ASA 5505 Transparent Firewall Configuration?

Sep 11, 2007

I want to configure an ASA 5505 in transparent mode (7.x). Somehow, I got it to work.. but i need some kind of step by step description. I just want to connect it with outside on a route .. inside in my LAN. Its working now with one ASA. But in the Web Interface the Interfaces inside and outside are down.. but its working.

View 5 Replies View Related

Cisco VPN :: ASA 5505 - Backup Restore Certificates

Oct 10, 2011

I have a Cisco ASA 5505 as a BOVPN endpoint using certificates. The config is complete and I now need to back it up and restore to a cold standby Cisco ASA 5505 that will sit on the shelf until something goes wrong.
 
 Problem is I cannot restore my certifcates to the standby.
 
I have tried the backup and restore wizard in ASDM and to be honest it didn't work.

View 2 Replies View Related

Cisco :: 5508 - NCS Configuration Backup And Restore Of WLC

Jan 10, 2012

I recently tested the process for a customer of defaulting a Cisco WLC to factory configuration and then restoring the configuration from Cisco NCS.  It was not seamless to say the least and I wonder if I have just gone about it the wrong way. 
 
Have have set the NCS platform to configuration sync with the 5508 controllers at 04:00 every day and prior to the controller defaulting I ensured that NCS also reported that the config was in sync. I have also set NCS to complete a tftp backup of the controller every night 23:00 - interestingly though I have no idea where this is stored on the NCS platform ( a VM appliance ) or what it's file name is.
 
Anyway my experiences where as follows:-
1.  defaulted WLC and via serial CLI ended up at the configuration wizard.
2.  Set the correct LAG, management IP, host name that NCS knew this controller by.
3.  To test things just created a dummy WLAN ( SSID ) as I assumed this would be overwritten ( big mistake ! ). 
 
At this point I connected the controller to the network and tried to restore the configuration from the config sync version.

First problem - you have to remember to set up the SNMP community string you were using as it is needed by the configuration sync process.  After adding this to the controller I could push the configuration to the controller.

Second problem - failed to add the first WLAN from the backup as I have added the temporary dummy W LAN via the wizard and NCS reported a conflict.  So had to delete WLAN ID 1 from the WLC GUI directly and then the config push no longer reported this error.

Third problem - for some reason did not add the TACACS server details - reported the error that it could not added them.  I manually added these via a template via NCS and all was well. 

Fourth problem - all but the first WLAN was in the disabled state - had to re-enable all of the WLANs. 

Fifth problem - any default items I had disabled or removed have not been saved - therefore I have removed the public and private SNMP communities - but these were still on the WLC after the restore.  I have disabled unused ports not in the LAG as they show an error in NCS - these where not disabled after the restore.
 
So all in all not a very satisfactory restore process from NCS to an defaulted WLC ( meant to simulate to the customer what would be needed if they had to replace a controller due to hardware failure ).

View 1 Replies View Related

Cisco Firewall :: ASA 5505 - SIP Configuration Without NAT

Oct 15, 2012

I am new to using the ASA 5505 appliance.  I have successfully configured it so far, but the one piece that eludes me and I can't find an example of configuring SIP with internal (DMZ security level 50)) VoIP phones to an external call manager (external, security level 0) without using NAT.  I have an internal V LAN to an internal B2 router (and management) on eth0/7, an external V LAN (/30 to an external B1 border router) and five different DMZ V LAN on ports eth0/1-eth0/5.
 
On the external router, the internal interface going to ASA5505 are separate sub-interfaces for each V LAN in the DMZ and one /30 V LAN to connect between the router and ASA.  I am using vrf forwarding on the DMZ sub interfaces with IPSEC/GRE tunnels to keep the routing tables separate.  I cannot have the different DMZ V LAN's communicate with each other (that's why I am using vrf).
 
Everything works, all my tunnels are up, I  can ping to the external sites from the DMZ V LAN's and pass data, but I am stymied by setting up VoIP.  When I used the wizard (big mistake) it setup up all sorts of certificates and NAT (since I really didn't know what I was doing at this point).
 
Any hints on configuring VoIP from phones in the DMZ V LAN's to an external call manager?
 
I would include the current config, but I have to hand transcribe it since we don't allow usb connectivity.  I might be able to provide it a little later.  i am using ASDM 6.4 and ASA IOS 8..4

View 7 Replies View Related

Cisco Firewall :: ASA 5505 - Set Up DSL Configuration?

Nov 11, 2012

I am setting up an ASA 5505 for a customer. I am not sure how to config the firewall when it is connected to a dsl modem. I tried to do a ordinary config just like the ones thats connected to a ordinary router.
 
The topology is:

[code]...

View 2 Replies View Related

Cisco Firewall :: ASA 5505 DMZ Configuration

Jan 9, 2012

I am attempting to configure an ASA 5505 which is connected to 3 networks for access to an inside email server.  Don't pay attention to the names on this config as they are not intuitive.
 
The 3 vlans are:
vlan 1 which has an IP of 192.168.x.1 - Connected to inside (which is really the dmz)
nameif inside
e0/1 is assigned to this

[Code].....

View 5 Replies View Related

Cisco Firewall :: ASA 5505 Backup ISP Configuration

Jun 13, 2011

I'm having problems configuring an asa 8.2(1) with a backup isp.  I followed the asdm instructions in this document: [URL]
 
I have my backup interface configured as DHCP and the static routes set. Pinging the gateway and other external IP address from the backup interfaces works normally. I have also tried configuring the backup interface as a static address but got the same results.
 
When removing the primary wan link, all traffic stops. When I ping a external DNS, I get these errors in the log: portmap translation creation failed for udp src inside: 192.168.13.23 dst backup:208.67.222.222_type 8, code0)
 
I though this type of error is related to a NAT problem, not sure where to look though.

View 4 Replies View Related

Cisco Firewall :: QoS Policing Configuration On An ASA 5505?

Jun 10, 2013

I'm working on QoS policing configuration on an ASA 5505.The ASA is situated behind a cable modem which provides an SLA of 3.2Mbps out.I've configured a QOS policy to place VoIP and other essential traffic (RDP/Citrix/PCoIP) into a priority queue, whilst policing default class to 3.2Mbps to police out to the cable modem.I can see on the outside interface graphs that this is rating the output traffic down to 3.2Mbps as expected, but noticing at certain points of high output traffic drops down to 1.6Mbps.  I can't see anything obvious in syslog or any other areas to look, so looking for any pointers as to why the speed is suddenly dropping down.  Likewise if I rate the output to 2Mbps, it will suddenly drop down to 1Mbps at high output rates.the ASA is running on 8.0(5) and I enclose a copy of the sample QoS config below and attached a sanitized run config, as well as screenshot taken of the outside interface Bit Rates plus service-policy.
 
access-list VoIP-Traffic-OUT extended permit tcp 172.16.6.0 255.255.255.0 host 68.98.217.252 eq h323
access-list VoIP-Traffic-OUT extended permit udp 172.16.6.0 255.255.255.0 host 68.98.217.252 object-group rtp
access-list VoIP-Traffic-OUT extended permit tcp 172.16.6.0 255.255.255.0 host 68.98.217.252 eq 2000  
access-list VMs-Traffic-Out extended permit tcp 172.16.6.0 255.255.255.0 192.168.168.0 255.255.255.0 eq 3389
access-list VMs-Traffic-Out extended permit tcp 172.16.6.0 255.255.255.0 192.168.168.0 255.255.255.0 eq citrix-ica
access-list VMs-Traffic-Out extended permit tcp 172.16.6.0 255.255.255.0 192.168.168.0 255.255.255.0 eq 4172

[code]....

View 6 Replies View Related

Cisco Firewall :: 1-1 NAT And PPTP Configuration - ASA 5505?

Mar 22, 2011

I need add following to our firewall configuration ( we are changing watchguard firewall to cisco and it was necessary to be configured this way )
 
1) I need to create 1-1 NAT for our voip system and video conferencing unit and to do it as bellow

VOIP-SIP : from 85.90.225.100 to 217.207.96.121 on port tcp/udp 5060
VC-SIP : from any_external to 217.207.96.120 on port tcp/udp 5060
VC-Video : from any_external to 217.207.96.120 on port tcp/udp 60000 to 64999
VOIP-RTP :  from 85.90.225.100 to 217.207.96.121 on port tcp/udp 10000 - 20000
 
2) I need to eneble to pass PPTP traffic from outside to inside and vice versa
 
current config:
Result of the command: "show running-config"
: Saved:ASA Version 8.2(2) !hostname ciscoasa
 
namesname 10.10.1.19 barracudaname 192.168.1.2 ctxdmzname 10.10.1.39 ftp1name 10.10.1.38 ftp2name 10.10.1.37 ftp3name 10.10.1.192 mailsvrname 217.207.96.114 outside_114name 217.207.96.115 outside_115name 217.207.96.116 outside_116name 217.207.96.117 outside_117name 217.207.96.118 outside_118name 217.207.96.119 outside_119name 217.207.96.120 outside_120name 10.10.1.8 transfer_servername 10.10.1.10 backupsvrname 10.10.1.4 citrixsvr1name 85.90.225.100 voip_sipname 10.10.1.9 minimac1name 82.111.186.146 sdt_rdpname 217.207.96.121 outside_121!interface Vlan1 nameif inside security-level 100 ip address 10.10.1.1 255.255.255.0 !interface Vlan3 nameif dmz security-level 50 ip address 192.168.1.1

[code]....

View 5 Replies View Related

Cisco Firewall :: PPoe Configuration In ASA 5505?

Mar 19, 2012

I want to know the ppoe configuration in asa5505 firewall. IN my office i have a asa5505 and i get conncetion from local isp which is nothing but ppoe connection so how to do this.

View 1 Replies View Related

Cisco Firewall :: ASA 5505 Configuration For AT&T Microcell

Mar 2, 2011

We got an AT&T Microcell a couple of weeks ago, hooked it up to our CISCO PIX 506 firewall and it worked "out of the box". We then upgraded to a CISCO ASA 5505 when the Pix died last week. Got the ASA 5505 up and running pretty much "out of the box", only having to setup our IP addresses (inside & outside). The 5505 is NOT configured as DHCP since I have an existing server in house that assigns IP addresses and I don't want to mess around with changing everything. However the Microcell wasn't working on the new 5505. Found in the Microcell manual that the following had to be "open":

123/UDP (NTP)
443/TCP (HTTPS)
4500/UDP (IPSec NAT Traversal)
500/UDP (IPSec phase 1 prior to NAT detection)
 
From the 5505 Config Guide, I found that I needed to ENABLE NAT-T, so I did this with the following commands:
crypto isakmp enable outside
crypto isakmp nat-traversal 3600
 
Using the "Packet Tracer" in ASDM, I found that ALL 4 types of packets were allowed going from the ATT Microcell (192.168.10.52 on my INSIDE network) to the OUTSIDE interface (66.xxx.xx.xx). However, all 4 types of packets FAILED when the Packet Trace was reversed (Source = 66.xxx.xx.xx, Destination 192.168.10.52).
 
The Packet Trace pointed to the "implicit rule" to DENY IP traffic. So, using the ASDM, I setup Access Lists for the above 4 ports/protocols, both on the INSIDE & OUTSIDE interface, both INCOMING & OUTGOING. Still, no success and the Packet Trace in ASDM still pointed to the IMPLICIT DENY rule on either the INSIDE or OUTSIDE interface, depending on which Interface I was initiating the Packet Trace. I tried setting the Access Rules for "Any" IP Address (not just the public IP or the Microcell IP) on both the Source/Destination for all 4 ports. What is even more confounding is that when setting up these access lists to PERMIT traffic, my internal network  Internet traffic stopped for ALL workstations on my network. Phone started ringing no more than a minute after I applied any PERMIT rule. By deleting the rule just installed, traffic started flowing again.
 
My number one questin is why don't the access lists work and why does settin up a "permit rule" kill my internet traffic?
 
I'm not a network expert and sprinkle holy water on our network every morning. I cringe when I have to make changes (like putting in a new firewall) because I don't know all the inner workings, parameters and setups done over the years by predecessors. I need to get the ATT Microcell up and running and figure the experience will be beneficial as our next step is to setup a VPN.

View 3 Replies View Related

Cisco Firewall :: ASA 5505 Configuration Required

Apr 29, 2013

I have a problem with the configuration of the ACL of my ASA 5505 router.However, the syntax seems okay,access-list 121 extended deny icmp 192.168.0.0 255.255.255.0 .

View 3 Replies View Related

Cisco Firewall :: Getting ASA 5505 Vlan Configuration?

Mar 14, 2013

I have IOS 8.0(4) and the base 50 User License...will this config work?  I have two networks; my home network, and my lab.  I want to split my Internet connection between them, but keep the networks separate for the most part.  Will my license allow this config since I can't do DMZ?
 
interface Ethernet0/0
switchport access vlan 3
!
interface Ethernet0/1
switchport access vlan 1
!
interface Ethernet0/2
switchport access vlan 2

[code]....

View 1 Replies View Related

Cisco Switching/Routing :: Backup And Restore ASA 5505 Config

Dec 21, 2011

I need to backup my ASA 5505 configuration and restore it to default, then I'll configure manually the new config, but if something doesn't work I want to restore the backup made before.
 
I tried the "copy run tftp" command, and it always answers the same: Result of the command: "copy run tftp" [code] I read everywhere its supossed to prompt asking me tftp server address and file name.

View 7 Replies View Related

Linksys Cable / DSL :: WAG160N Cannot Restore Configuration Backup

Mar 27, 2010

I have a WAG160N and its seems to have reset to factory defaults, no idea why, but when trying to restore the Configuration Backup all I get is "Restore Failure <Unmatched pid>"

View 2 Replies View Related

Cisco Firewall :: ASA 5505 Configuration Cannot Get To Internal Network

Jan 25, 2012

I now need to configure an ASA 5505 for a small server farm.  It's fairly straightforward:isp -> asa5505 -> internal servers,'m using static addresses -- no DHCP involved.VPN works;  I can get into the internal network.pinging from the ASA to an external address works,However, I cannot get from a laptop connected to an internal port out to the internet, either using ping or typing an address in the browser.

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved