Solved

Cisco Asa 5505 not saving configuration

Posted on 2012-03-25
3
3,025 Views
Last Modified: 2012-03-25
My ASA 5505 won't save the configuration.  I issue the command "write memory".  It says OK.  I reload the asa.  It comes back with this in show running-config.  I've factory reset, upgraded the asa and asdm to 8.3 and 6.31.  I've erased flash and started over.  I've performed a write erase.  Am I missing something?

ciscoasa(config)# show running-config
: Saved
:
ASA Version 8.3(1)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/0
 shutdown
!
interface Ethernet0/1
 shutdown
!
interface Ethernet0/2
 shutdown
!
interface Ethernet0/3
 shutdown
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
ftp mode passive
pager lines 24
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
!
prompt hostname context
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:85d9e069f71dcf3d29f7ac9baff69237
: end
0
Comment
Question by:ETI2010
3 Comments
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 37763253
Did you reboot it?  Isee where you say "reload".  I believe the Cisco requires a reboot to apply the new settings.

Some devices have:
- the running memory in RAM / volatile
- a configuration save memory as in NVRAM
- the configuration to be loaded at boot time also in NVRAM

So, as I understand it:
- you try the new settings in real time.
- if you do nothing and reboot then the changes are lost
- you have to do something like the "write memory" step .. just make sure this is the command you want/intend.
- then you have to reboot.
Maybe that's what you did but just to make sure....
0
 
LVL 17

Accepted Solution

by:
Kvistofta earned 500 total points
ID: 37763296
It sounds like you have the config-register set so that the startup-config is ignored. Try to set it to the default of "0x01".

http://www.articlegarden.com/Article/Password-Recovery-on-the-Cisco-ASA-Security-Appliance/70584

Best regards
Kvistofta
0
 

Author Closing Comment

by:ETI2010
ID: 37763864
This is exactly it.  When it booted I noticed that ignore configuration text scrolling by.  Didn't think anything of it.  Thanks a bunch.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question