Cisco ASA5500 Series Firewall recovery iOS whole process

Source: Internet
Author: User

the command to erase the firewall configuration is write erase instead of erase flash!
When ASA5510 Flash is erase, how do you copy the new iOS to 5510? As follows:
1, when the Flash is erase after the device will be unable to find the boot file and continue to restart
Launching BootLoader ...
The Default configuration file contains 1 entry.
Searching/for images to boot.
No images in/
Error 15:file not found
2, enter the monitoring mode, restore the device system so that it can start normally. How do I enter monitoring mode? If you look closely, you will be prompted to press a key to enter monitoring mode when the device starts. As follows:
Use break or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Press "ESC" key to enter monitoring mode.
3. There is no difference between the display in monitoring mode and the switch router. The command format is also very similar as long as we work hard to recover.
Rommon #0 >
In monitoring mode, you can use the "? "or" help "for command assistance, below is the"? "or" help "prompt after the recovery command.
Rommon #0 >?
Variables:use "Sync" to the store in NVRAM
Address= Local IP Address
config= Config file path/name
gateway= Gateway IP Address
image= image File Path/name
linktimeout= Link up timeout (seconds)
Pkttimeout= packet timeout (seconds)
Port= Ethernet Interface Port
retry= Packet RETRY Count (ping/tftp)
server= Server IP Address
vlan= enable/disable dot1q tagging on the selected port
4. Upgrading iOS requires some simple settings for the ASA, such as setting the address of the ASA5510 device, setting the address of the TFTP server, setting the name of the iOS software, sync saving, testing the connectivity with Tftpserver with the ping command, and finally executing the command tftpdnld , the software starts loading.
Note: In monitoring mode we need to connect the computer to the out-of-band management interface of the ASA5510, and the IP address is set for the out of band management interface.
Rommon #1 > address=192.168.0.3
Rommon #2 > gateway=192.168.0.1
Rommon #3 > Image=asa708-k8.bin
Rommon #4 > server=192.168.0.1
Rommon #5 >
Rommon #5 > Sync
Updating NVRAM Parameters ...
Rommon #6 > Ping 192.168.0.1
Link is up
Sending, 100-byte ICMP echoes to 192.168.0.1, timeout is 4 seconds:
?!!!!!!!!!!!!!!!!!!!
Success rate is percent (19/20)
5, execute the TFTPDNLD command, after execution shows the following
Rommon #7 > tftpdnld
ROMMON Variable Settings:
address=192.168.0.3
server=192.168.0.1
gateway=192.168.0.1
port=management0/0
Vlan=untagged
Image=asa708-k8.bin
config=
Linktimeout=20
Pkttimeout=4
Retry=20
TFTP [email protected] via 192.168.0.1
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
At this point, iOS is not loading 5510, but booting the device from TFTP. This can be seen with the show version command when the device is booted:
System image file is "Tftp://192.168.0.1/asa708-k8.bin"
After the boot is complete, you need to connect the TFTP server to an interface other than the out of band management interface before upgrading iOS
Note: Configure the IP address.
asa5510#copy Tftp:flash:
TFTP Server IP Address:
Source file Name:
Destination file Name:
At this point 5510 of iOS has been copied to flash, even if the restart is not lost.
6, after iOS recovery also need to copy the GUI management software to 5510, and copy iOS command is the same.
Note: Different versions of iOS require different ASDM software support, specifically what model of iOS is required for ASDM please observe the description below in the ASDM.
-------------------------End-------------------------

Cisco ASA5500 Series Firewall recovery iOS whole process

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.