Solved

ASA IOS upgrade

Posted on 2010-11-30
4
1,148 Views
Last Modified: 2012-05-10
am using asa firewall. i want to install netflow analyzer...So its requirement asa ios version mini 8.2.. my ios  8.0  please see below sh version

Cisco Adaptive Security Appliance Software Version 8.0(4)
Device Manager Version 6.1(3)

Compiled on Thu 07-Aug-08 20:53 by builders
System image file is "disk0:/asa804-k8.bin"
Config file at boot was "startup-config"

ASA-SMS up 36 days 1 hour

Hardware:   ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   : ¿CN1000-MC-BOOT-2.00
                             SSL/IKE microcode: ¿CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode  : ¿CNlite-MC-IPSECm-MAIN-2.05
 0: Ext: Ethernet0/0         : address is 0024.14d2.083c, irq 9
 1: Ext: Ethernet0/1         : address is 0024.14d2.083d, irq 9
 2: Ext: Ethernet0/2         : address is 0024.14d2.083e, irq 9
 3: Ext: Ethernet0/3         : address is 0024.14d2.083f, irq 9
 4: Ext: Management0/0       : address is 0024.14d2.0840, irq 11
 5: Int: Not used            : irq 11
 6: Int: Not used            : irq 5

Licensed features for this platform:
Maximum Physical Interfaces  : Unlimited
Maximum VLANs                : 50
Inside Hosts                 : Unlimited
Failover                     : Disabled
VPN-DES                      : Enabled
VPN-3DES-AES                 : Enabled
Security Contexts            : 0
GTP/GPRS                     : Disabled
VPN Peers                    : 250
WebVPN Peers                 : 2
AnyConnect for Mobile        : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions            : 2

This platform has a Base license.

Serial Number: JMX1311L14Y
Running Activation Key: 0x2710f762 0x60960500 0xc4007520 0xa084d090 0x05183091
Configuration register is 0x1
Configuration last modified by admin at 10:21:26.090 AST Mon Nov 29 2010

So how to upgrade my ios ? from where i get latest ios ? if i trying to upgrade ios anything happend or effect running configuration ? Please give me solutions and advice ....


 
0
Comment
Question by:nisartlaa
4 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 34237622
You can only download the ASA image from Cisco.com, and you have to have a valid CCO account with a valid smartnet contract in order to download the images.

Get both the ASA and the ASDM images
I recommend 8.23 for ASA and 6.34 for ASDM
I do not recommend going to 8.3
Using the ASDM upgrade tool, you can upgrade directly from your local PC after you download the images from Cisco. The whole process may take 5 minutes, including the reload. Since you are already on 8.x there should be no changes or affects from the upgrade. Very quick and painless.
0
 

Assisted Solution

by:mayankblitzster
mayankblitzster earned 250 total points
ID: 34237715
First of all, before you touch anything, you should list your configuration using the command:

show config

Print your config to paper, just in case. Your config should stay during the IOS upgrade, but you never know what could happen. You may want to make sure you have console access to the router, as well as the ability to connect to it via the ethernet port. You can temporarily change the address on the ethernet port if you wish by entering:

conf term

At the (config)# prompt select the interface:

int eth0

then

ip address x.x.x.x y.y.y.y

where x is the ip address and y is the subnet mask. Use the earlier show config command so you can set it back when you are done. You could also enter a secondary address instead. Whatever you like.

You can find out what the name of your current flash image is by:

show flash

The next thing you should do is copy your current image (flashimage) up to the TFTP server:

copy flash:flashimage tftp://ipaddress/flashimage

You should see an entry like this in the log of your tftp server:

Receiving 'flashimage' file from x.x.x.x in binary mode

Copy your current image twice if you wish, to different file names, just to be safe. Browse Cisco to be very sure you have the right image. If you load the wrong image of IOS, your router won't work. Pay attention to the amount of RAM your system has, and how much the upgraded IOS needs. IOS 12.2 needs more RAM than 12.0, and Cisco isn't lying about this. When you are happy you have the right image:

delete flashimage
copy tftp://ipaddress/flashimage flash:flashimage

You will be asked if you want to erase the current image. Say yes. When it is done loading, change your eth0 IP if needed, and remove any old boot references:

conf term
no boot system flash oldflashimagename
boot system flash flashimage
exit

Now copy your config:

copy running-config startup-config

Reload, and you are set:

reload

Now, when you reboot all should come up ok. If it doesn't, you will have to use the console port and xmodem to load an image that does work, and this is painful. Here is how to do it.

Pretty much, you just hit ctrl-break (At least with the version of HyperTerminal we used) when the router boots to get into rommon. Minicom or other terminal programs may have different sequences. Try ctrl-c, esc, etc. After you successfully enter rommon, you just:

rommon> xmodem -cf fileimagename

then, from your terminal program, send the file using xmodem. On our 1600, we had to do this at 9600 baud. We couldn't figure out how to change our router to transfer faster than 9600, although we did see some references to how to do it. At 9600 baud, it takes about 50 minutes to reload IOS. After you are done uploading the image, remove the old boot references and copy config to start as above. If all else fails, you could go back to the flash image that you copied via TFTP.



Hope it helps you
0
 
LVL 6

Expert Comment

by:mahrens007
ID: 34244066
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now