Solved

Cannot connect to Cisco ASA5505

Posted on 2010-09-21
11
1,090 Views
Last Modified: 2012-05-10
Hi.  For some strange reason I cannot connect to my ASA5505.  It was working fine and stopped working today.  I am not able to connect to any computers on the INSIDE and am not able to connect to the OUTSIDE (internet).  Firewall is up and lights are flashing.  I have tried using Putty and the ADSM console, but no luck connecting to the Firewall.  I am not sure how to troubleshoot this.  Can anyone provide tips?
0
Comment
Question by:obautista
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 6

Accepted Solution

by:
kuoh earned 500 total points
ID: 33730719
Check that the Power, Status and Active LEDs are on solid and green.  Flashing or an amber color indicates problems and may require a console cable to troubleshoot further.
0
 

Author Comment

by:obautista
ID: 33730735
Power and Active are solid green. Active is not lit at all. I have a console cable connected to it, but have never connected that way. What does the Active light on lit indicate?
0
 

Author Comment

by:obautista
ID: 33730759
Sorry - I meant Power and Status are solid green.  Active is not on.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 6

Assisted Solution

by:kuoh
kuoh earned 500 total points
ID: 33730803
Active indicates that the ASA is up and forwarding traffic.  You're using the blue cable that came with the ASA with an RJ45 on one end and a DB9 serial on the other right?  If not, then you need to find that cable and connect the DB9 end to your PC's serial port.  Then you can use Hyperterminal to open the serial port, usually COM1 or COM2, with 9600,8,N,1.  Once the session is open, reset power to the ASA and you should see startup and status messages scroll by as the ASA performs startup diagnostics and boots the OS.  Hopefully, one of the messages will give us a clue to the problem.
0
 

Author Comment

by:obautista
ID: 33730819
Sorry.  I do have the cable connected.  I have always used Putty to connect to it.  When I type in the IP of 192.168.1.1 on Port 23 it isnt connecting.  It always had before.
0
 
LVL 6

Assisted Solution

by:kuoh
kuoh earned 500 total points
ID: 33730867
The console port is serial only, not IP, that's why it isn't connecting.  It is #3 in this image.

http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5505/quick/guide/install.html#wp1069253

The console cable looks like this and may have an integrated DB9 or detachable RJ45 to DB9 adapter like in this image.

http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5505/quick/guide/install.html#wp1064514

  I don't use Putty, so I don't know if it's capable of opening COM ports.  You should just use Hyperterminal for now so you can at least see the diag messages from the ASA.
0
 

Author Comment

by:obautista
ID: 33730882
Thanks.  I installed HyperTerminal.  What is the command to reset the power?
0
 

Author Comment

by:obautista
ID: 33730898
The window shows rommon #0> right now.
0
 
LVL 6

Assisted Solution

by:kuoh
kuoh earned 500 total points
ID: 33730932
You can try "boot" or just pull the power plug, wait 5 seconds, plug it back in.
0
 

Author Comment

by:obautista
ID: 33730943
Awesome!  "boot" worked.  I am back in business.  Thanks so much.  What do you suspect caused the problem?  It was working all along.
0
 
LVL 6

Assisted Solution

by:kuoh
kuoh earned 500 total points
ID: 33730977
I would recommend a few more power cycles with the console cable connected to verify that the problem does not recur.  The ASA doesn't usually drop into ROMMON for no reason, so I'm leaning toward either a failing RAM or flash module.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question