Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Cisco Asa 5505 not saving configuration

Posted on 2012-03-25
3
3,046 Views
Last Modified: 2012-03-25
My ASA 5505 won't save the configuration.  I issue the command "write memory".  It says OK.  I reload the asa.  It comes back with this in show running-config.  I've factory reset, upgraded the asa and asdm to 8.3 and 6.31.  I've erased flash and started over.  I've performed a write erase.  Am I missing something?

ciscoasa(config)# show running-config
: Saved
:
ASA Version 8.3(1)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/0
 shutdown
!
interface Ethernet0/1
 shutdown
!
interface Ethernet0/2
 shutdown
!
interface Ethernet0/3
 shutdown
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
ftp mode passive
pager lines 24
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
!
prompt hostname context
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:85d9e069f71dcf3d29f7ac9baff69237
: end
0
Comment
Question by:ETI2010
3 Comments
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 37763253
Did you reboot it?  Isee where you say "reload".  I believe the Cisco requires a reboot to apply the new settings.

Some devices have:
- the running memory in RAM / volatile
- a configuration save memory as in NVRAM
- the configuration to be loaded at boot time also in NVRAM

So, as I understand it:
- you try the new settings in real time.
- if you do nothing and reboot then the changes are lost
- you have to do something like the "write memory" step .. just make sure this is the command you want/intend.
- then you have to reboot.
Maybe that's what you did but just to make sure....
0
 
LVL 17

Accepted Solution

by:
Kvistofta earned 500 total points
ID: 37763296
It sounds like you have the config-register set so that the startup-config is ignored. Try to set it to the default of "0x01".

http://www.articlegarden.com/Article/Password-Recovery-on-the-Cisco-ASA-Security-Appliance/70584

Best regards
Kvistofta
0
 

Author Closing Comment

by:ETI2010
ID: 37763864
This is exactly it.  When it booted I noticed that ignore configuration text scrolling by.  Didn't think anything of it.  Thanks a bunch.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question