Cisco ASA 5506 stuck in rommon mode
Hello,
I have a Cisco ASA 5506 which is stuck in rommon mode.
I have it as a test device, I have the image file: asa962-lfbff-k8.SPA available on a USB disk, which is connected to ASA.
When i go into the device I see the USB as Disk1.
My question is how to copy the image to Disk0 & set it up for boot without TFTP, SMB or FTP?
or even if it's possible?
Thanks
A
I have a Cisco ASA 5506 which is stuck in rommon mode.
I have it as a test device, I have the image file: asa962-lfbff-k8.SPA available on a USB disk, which is connected to ASA.
When i go into the device I see the USB as Disk1.
My question is how to copy the image to Disk0 & set it up for boot without TFTP, SMB or FTP?
or even if it's possible?
Thanks
A
ASKER
Can you please write the full commands as per the filter name I mentioned in question?
Thanks
Thanks
ASKER
I used this command:
copy disk1:asa962-lfbff-k8.spa disk0:asa962-lfbff-k8.spa
but, I got the following error:
rommon 4 > copy disk1:asa962-lfbff-k8.spa disk0:asa962-lfbff-k8.spa
The command "copy" is an invalid command. Use "help" for a command list.
copy disk1:asa962-lfbff-k8.spa disk0:asa962-lfbff-k8.spa
but, I got the following error:
rommon 4 > copy disk1:asa962-lfbff-k8.spa disk0:asa962-lfbff-k8.spa
The command "copy" is an invalid command. Use "help" for a command list.
ASKER
the version of ASA
rommon 6 > show info
Current image running (0/1): Boot ROM0
Cisco Systems ROMMON, Version 1.1.8, RELEASE SOFTWARE
Copyright (c) 1994-2015 by Cisco Systems, Inc.
Compiled Thu 06/18/2015 12:15:56.43 by builders
DIMM Slot 0 : Present
Product Identifier : ASA5506W
Serial Number - PCA : DELETED
Serial Number - Chassis : DELETED
Version Identifier : V04
CPLD Version : 34 (MM/DD/YY): 04/25/14 (2.2)
CPLD Ext Version : 0x03020200 (2.2.0)
Board Version : 3 (P2)
PCH Version : 02 (A2)
CPLD-ENV Version : 0000
Hardware Anchor : F01025R12.16ae50ec82014-04
Certificate : 333C0DC1B9D15412
Microloader : MA0008R06.O203142014
rommon 6 > show info
Current image running (0/1): Boot ROM0
Cisco Systems ROMMON, Version 1.1.8, RELEASE SOFTWARE
Copyright (c) 1994-2015 by Cisco Systems, Inc.
Compiled Thu 06/18/2015 12:15:56.43 by builders
DIMM Slot 0 : Present
Product Identifier : ASA5506W
Serial Number - PCA : DELETED
Serial Number - Chassis : DELETED
Version Identifier : V04
CPLD Version : 34 (MM/DD/YY): 04/25/14 (2.2)
CPLD Ext Version : 0x03020200 (2.2.0)
Board Version : 3 (P2)
PCH Version : 02 (A2)
CPLD-ENV Version : 0000
Hardware Anchor : F01025R12.16ae50ec82014-04
Certificate : 333C0DC1B9D15412
Microloader : MA0008R06.O203142014
Sorry Ive bee AFK for a while
Boot the firewall from the network like this the process is the same for a 5506-X but you connect interface 2 to the LAN
You will need to setup TFTP on something I prefer 3cdeamon for windows
If you have a mac then TFTP is built in
Pete
Boot the firewall from the network like this the process is the same for a 5506-X but you connect interface 2 to the LAN
You will need to setup TFTP on something I prefer 3cdeamon for windows
If you have a mac then TFTP is built in
Pete
ASKER
Hi,
I followed http://www.petenetlive.com/KB/Article/0000792
& was able to load the image asa962-lfbff-k8.SPA
rommon 1 > tftp
ADDRESS: 172.16.254.150
NETMASK: 255.255.255.0
GATEWAY: 172.16.254.207
SERVER: 172.16.254.207
IMAGE: asa962-lfbff-k8.SPA
MACADDR: 00:a6:ca:07:61:21
VERBOSITY: Progress
RETRY: 40
PKTTIMEOUT: 7200
BLKSIZE: 1460
CHECKSUM: Yes
PORT: GbE/1
PHYMODE: Auto Detect
Receiving asa962-lfbff-k8.SPA from 172.16.254.207!!!!!!!!!!!!
File reception completed.
Boot buffer bigbuf=348bd018
Boot image size = 89589408 (0x55706a0) bytes
[image size] 89589408
[MD5 signaure] 90a477e14ba2d0197f25578f3a
LFBFF signature verified.
INIT: version 2.88 booting
Starting udev
Configuring network interfaces... done.
Populating dev cache
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
There are differences between boot sector and its backup.
Differences: (offset:original/backup)
65:01/00
Not automatically fixing this.
Starting check/repair pass.
Starting verification pass.
/dev/sdb1: 106 files, 814351/1937204 clusters
dosfsck(/dev/sdb1) returned 0
Mounting /dev/sdb1
IO Memory Nodes: 1
IO Memory Per Node: 205520896 bytes
Global Reserve Memory Per Node: 314572800 bytes Nodes=1
LCMB: got 205520896 bytes on numa-id=0, phys=0x10d800000, virt=0x2aaaaae00000
LCMB: HEAP-CACHE POOL got 314572800 bytes on numa-id=0, virt=0x2aaab7200000
Processor memory: 1503118532
Compiled on Tue 23-Aug-16 18:37 PDT by builders
cnnic_asa_exit_cb: Accelerator boot err Accelerator boot failed status 4.
--- Begin of accelerator boot log ---
Using user supplied board name: CUST_CLARK, number: 20003
Using user supplied DDR 0 spd address(es)/file(s): /asa/cavium/accelerator_sp
Read 128 values from spd file: /asa/cavium/accelerator_sp
PCIE port 0
All cores in reset, skipping soft reset.
Using bootloader image: /asa/cavium/u-boot.bin
Notice: Using board default DDR clock of: 0 hertz.
Warning: Using generic default DDR clock of 533000000 hertz.
Initialized 512 MBytes of DRAM
Setting dram_size in env
Starting cores 0x1
Powering up additional cores.
Timeout waiting for boot completion!
--- End of accelerator boot log ---
Invalid log size 0
Panic: DATAPATH-0-1727 - cnnic_asa_exit_cb: Accelerator boot err Accelerator boot failed status 4.
(set_exptime) Timer not a leaf 0x00007f312d075210. Traceback: 0x00007f31374ab7ae 0x00007f31374a297c 0x00007f31374b24db 0x00007f31374ad1d3 0x00007f3138baade6 0x00007f3135b64180 0x00007f31374a5743 0x00007f3137ed4f43 0x00007f3138bb00c1 0x00007f31374b17ee 0x00007f3133007210 0x00007f3138baefb5 0x00007f3137482ab9 0x00007f3132fe2e05
mgd_timer_set_exptime: Not a leaf called from 0x00007f31374b24db
core0 same core snap_count=1 signo=11 RIP=7f31374b2515
--------------------------
Traceback output aborted.
Flushing first exception frame:
r8 0x0000000000008802
r9 0x0000000000000000
r10 0x00007f312d0799e0
r11 0x0000000000003293
r12 0x00007f313e1382e4
r13 0x00007f312d079c20
r14 0x0000000000000000
r15 0xffffffffffffdf90
rdi 0x0000000000000000
rsi 0x00007f312d079c20
rbp 0x00007f312d079c60
rbx 0x00007f312d0721d8
rdx 0x0000000000000010
rax 0xfffffffffffffffc
rcx 0xffffffffffffffff
rsp 0x00007f312d079c10
rip 0x00007f3135b63afd
eflags 0x0000000000003293
csgsfs 0x0000000000000033
error code n/a
vector 0x0000000000000000
old mask 0xffffffde3e3a5a05
cr2 0x0000000000000000
Nested traceback attempted via signal, from:
Page fault: Address not mapped
r8 0x0000000000008802
r9 0x0000000000000bf7
r10 0x0000000000000042
r11 0x0000000000003293
r12 0x00007f313e4b9b00
r13 0x00007f313e1350c0
r14 0x0000000000000000
r15 0x00007f313e1350c0
rdi 0x0000000000000000
rsi 0x0000000000000004
rbp 0x00007f312d0793d0
rbx 0x00007f312d075000
rdx 0x0000000000000000
rax 0x0000000000000000
rcx 0x0000000000000000
rsp 0x00007f312d0793c0
rip 0x00007f31374b2515
eflags 0x0000000000013246
csgsfs 0x0000000000000033
error code 0x0000000000000006
vector 0x000000000000000e
old mask 0xffffffde3e3a5a05
cr2 0x0000000000000008
Cisco Adaptive Security Appliance Software Version 9.6(2)
Compiled on Tue 23-Aug-16 18:37 PDT by builders
Hardware: ASA5506W
Crashinfo collected on 11:18:56.869 UTC Tue May 9 2017
ASLR enabled, text region 7f31366cc000-7f313abbcdc4
Traceback:
0: 0x00007f3137462321
1: 0x00007f31374ac2a8
2: 0x00007f3138baab66
3: 0x00007f3135b64180
4: 0x00007f31374ad1d3
5: 0x00007f3138baade6
6: 0x00007f3135b64180
7: 0x00007f31374a5743
8: 0x00007f3137ed4f43
9: 0x00007f3138bb00c1
10: 0x00007f31374b17ee
11: 0x00007f3133007210
12: 0x00007f3138baefb5
13: 0x00007f3137482ab9
14: 0x00007f3132fe2e05
--------------------------
core0 same core snap_count=2 signo=11 RIP=7f3137ed79b4
Process shutdown finished
Rebooting... (status 0x8b)
INIT: Sending processes the TERM signal
Deconfiguring network interfaces... done.
Sending all processes the TERM signal...
Sending all processes the KILL signal...
Deactivating swap...
Unmounting local filesystems...
Rebooting...
But when it reboots it loads again in Rommon mode.
Cisco Systems ROMMON, Version 1.1.8, RELEASE SOFTWARE
Copyright (c) 1994-2015 by Cisco Systems, Inc.
Compiled Thu 06/18/2015 12:15:56.43 by builders
Current image running: Boot ROM0
Last reset cause: PowerCycleRequest
DIMM Slot 0 : Present
Platform ASA5506W with 4096 Mbytes of main memory
MAC Address: 00:a6:ca:07:61:21
Using default Management Ethernet Port: 0
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
It takes the image from Disk0 ???
As per the link I posted, it should boot correctly....
I followed http://www.petenetlive.com/KB/Article/0000792
& was able to load the image asa962-lfbff-k8.SPA
rommon 1 > tftp
ADDRESS: 172.16.254.150
NETMASK: 255.255.255.0
GATEWAY: 172.16.254.207
SERVER: 172.16.254.207
IMAGE: asa962-lfbff-k8.SPA
MACADDR: 00:a6:ca:07:61:21
VERBOSITY: Progress
RETRY: 40
PKTTIMEOUT: 7200
BLKSIZE: 1460
CHECKSUM: Yes
PORT: GbE/1
PHYMODE: Auto Detect
Receiving asa962-lfbff-k8.SPA from 172.16.254.207!!!!!!!!!!!!
File reception completed.
Boot buffer bigbuf=348bd018
Boot image size = 89589408 (0x55706a0) bytes
[image size] 89589408
[MD5 signaure] 90a477e14ba2d0197f25578f3a
LFBFF signature verified.
INIT: version 2.88 booting
Starting udev
Configuring network interfaces... done.
Populating dev cache
dosfsck 2.11, 12 Mar 2005, FAT32, LFN
There are differences between boot sector and its backup.
Differences: (offset:original/backup)
65:01/00
Not automatically fixing this.
Starting check/repair pass.
Starting verification pass.
/dev/sdb1: 106 files, 814351/1937204 clusters
dosfsck(/dev/sdb1) returned 0
Mounting /dev/sdb1
IO Memory Nodes: 1
IO Memory Per Node: 205520896 bytes
Global Reserve Memory Per Node: 314572800 bytes Nodes=1
LCMB: got 205520896 bytes on numa-id=0, phys=0x10d800000, virt=0x2aaaaae00000
LCMB: HEAP-CACHE POOL got 314572800 bytes on numa-id=0, virt=0x2aaab7200000
Processor memory: 1503118532
Compiled on Tue 23-Aug-16 18:37 PDT by builders
cnnic_asa_exit_cb: Accelerator boot err Accelerator boot failed status 4.
--- Begin of accelerator boot log ---
Using user supplied board name: CUST_CLARK, number: 20003
Using user supplied DDR 0 spd address(es)/file(s): /asa/cavium/accelerator_sp
Read 128 values from spd file: /asa/cavium/accelerator_sp
PCIE port 0
All cores in reset, skipping soft reset.
Using bootloader image: /asa/cavium/u-boot.bin
Notice: Using board default DDR clock of: 0 hertz.
Warning: Using generic default DDR clock of 533000000 hertz.
Initialized 512 MBytes of DRAM
Setting dram_size in env
Starting cores 0x1
Powering up additional cores.
Timeout waiting for boot completion!
--- End of accelerator boot log ---
Invalid log size 0
Panic: DATAPATH-0-1727 - cnnic_asa_exit_cb: Accelerator boot err Accelerator boot failed status 4.
(set_exptime) Timer not a leaf 0x00007f312d075210. Traceback: 0x00007f31374ab7ae 0x00007f31374a297c 0x00007f31374b24db 0x00007f31374ad1d3 0x00007f3138baade6 0x00007f3135b64180 0x00007f31374a5743 0x00007f3137ed4f43 0x00007f3138bb00c1 0x00007f31374b17ee 0x00007f3133007210 0x00007f3138baefb5 0x00007f3137482ab9 0x00007f3132fe2e05
mgd_timer_set_exptime: Not a leaf called from 0x00007f31374b24db
core0 same core snap_count=1 signo=11 RIP=7f31374b2515
--------------------------
Traceback output aborted.
Flushing first exception frame:
r8 0x0000000000008802
r9 0x0000000000000000
r10 0x00007f312d0799e0
r11 0x0000000000003293
r12 0x00007f313e1382e4
r13 0x00007f312d079c20
r14 0x0000000000000000
r15 0xffffffffffffdf90
rdi 0x0000000000000000
rsi 0x00007f312d079c20
rbp 0x00007f312d079c60
rbx 0x00007f312d0721d8
rdx 0x0000000000000010
rax 0xfffffffffffffffc
rcx 0xffffffffffffffff
rsp 0x00007f312d079c10
rip 0x00007f3135b63afd
eflags 0x0000000000003293
csgsfs 0x0000000000000033
error code n/a
vector 0x0000000000000000
old mask 0xffffffde3e3a5a05
cr2 0x0000000000000000
Nested traceback attempted via signal, from:
Page fault: Address not mapped
r8 0x0000000000008802
r9 0x0000000000000bf7
r10 0x0000000000000042
r11 0x0000000000003293
r12 0x00007f313e4b9b00
r13 0x00007f313e1350c0
r14 0x0000000000000000
r15 0x00007f313e1350c0
rdi 0x0000000000000000
rsi 0x0000000000000004
rbp 0x00007f312d0793d0
rbx 0x00007f312d075000
rdx 0x0000000000000000
rax 0x0000000000000000
rcx 0x0000000000000000
rsp 0x00007f312d0793c0
rip 0x00007f31374b2515
eflags 0x0000000000013246
csgsfs 0x0000000000000033
error code 0x0000000000000006
vector 0x000000000000000e
old mask 0xffffffde3e3a5a05
cr2 0x0000000000000008
Cisco Adaptive Security Appliance Software Version 9.6(2)
Compiled on Tue 23-Aug-16 18:37 PDT by builders
Hardware: ASA5506W
Crashinfo collected on 11:18:56.869 UTC Tue May 9 2017
ASLR enabled, text region 7f31366cc000-7f313abbcdc4
Traceback:
0: 0x00007f3137462321
1: 0x00007f31374ac2a8
2: 0x00007f3138baab66
3: 0x00007f3135b64180
4: 0x00007f31374ad1d3
5: 0x00007f3138baade6
6: 0x00007f3135b64180
7: 0x00007f31374a5743
8: 0x00007f3137ed4f43
9: 0x00007f3138bb00c1
10: 0x00007f31374b17ee
11: 0x00007f3133007210
12: 0x00007f3138baefb5
13: 0x00007f3137482ab9
14: 0x00007f3132fe2e05
--------------------------
core0 same core snap_count=2 signo=11 RIP=7f3137ed79b4
Process shutdown finished
Rebooting... (status 0x8b)
INIT: Sending processes the TERM signal
Deconfiguring network interfaces... done.
Sending all processes the TERM signal...
Sending all processes the KILL signal...
Deactivating swap...
Unmounting local filesystems...
Rebooting...
But when it reboots it loads again in Rommon mode.
Cisco Systems ROMMON, Version 1.1.8, RELEASE SOFTWARE
Copyright (c) 1994-2015 by Cisco Systems, Inc.
Compiled Thu 06/18/2015 12:15:56.43 by builders
Current image running: Boot ROM0
Last reset cause: PowerCycleRequest
DIMM Slot 0 : Present
Platform ASA5506W with 4096 Mbytes of main memory
MAC Address: 00:a6:ca:07:61:21
Using default Management Ethernet Port: 0
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
It takes the image from Disk0 ???
As per the link I posted, it should boot correctly....
maybe your config-register value is incorrect? Try checking the current value:
rommon>confreg
When ASA asked to change, choose no 'n'. What's the stated value?
rommon>confreg
When ASA asked to change, choose no 'n'. What's the stated value?
ASKER
rommon 1 > confreg
Configuration Register: 0x00000001
Configuration Summary
[ 0 ] password recovery
[ 1 ] display break prompt
[ 2 ] auto-boot image in disks
[ 3 ] console baud: 9600
boot: ...... auto-boot index 1 image in disks
do you wish to change the configuration? y/n [n]: n
Configuration Register: 0x00000001
Configuration Summary
[ 0 ] password recovery
[ 1 ] display break prompt
[ 2 ] auto-boot image in disks
[ 3 ] console baud: 9600
boot: ...... auto-boot index 1 image in disks
do you wish to change the configuration? y/n [n]: n
That looks correct. At rommon, can you manually boot? Then set the boot image?
rommon>boot
If and when it fully boots tell it to boot your image from disc0 (make sure the below file location is correct):
ciscoasa#conf t
ciscoasa(config-t)#boot system disc0:/asa962-lfbff-k8.SPA
ciscoasa(config-t)#wr
ciscoasa(config-t)#reload
rommon>boot
If and when it fully boots tell it to boot your image from disc0 (make sure the below file location is correct):
ciscoasa#conf t
ciscoasa(config-t)#boot system disc0:/asa962-lfbff-k8.SPA
ciscoasa(config-t)#wr
ciscoasa(config-t)#reload
ASKER
it doesn't boot correctly from rommon, after reboot it goes back to rommon
ASKER
i mean it goes in reboot loop, if i escape it goes to rommon
It's not finding the software image, or maybe it's corrupt. Do you see your image as per the below 'dir disc0' command?
rommon 2 > dir disk0:
File System: FAT32
drw- 3 0 .private
drw- 4 0 .iso_images
drw- 854002 0 snmp
-rw- 1661421 63 .boot_string
drw- 27479 0 log
drw- 27480 0 crypto_archive
drw- 27481 0 csco_config
drw- 27558 0 coredumpinfo
-rw- 825070 89934864 asa962-13-lfbff-k8.SPA<<<<
drw- 37845 0 vm
-rw- 847460 26729944 asdm-771-150.bin
-rw- 854004 29942546 anyconnect-win-4.4.01054-w
-rw- 861315 349 Anyconnect_Profile_client_
-rw- 863048 41846784 asasfr-5500x-boot-6.2.0-2.
rommon 3 >
rommon 2 > dir disk0:
File System: FAT32
drw- 3 0 .private
drw- 4 0 .iso_images
drw- 854002 0 snmp
-rw- 1661421 63 .boot_string
drw- 27479 0 log
drw- 27480 0 crypto_archive
drw- 27481 0 csco_config
drw- 27558 0 coredumpinfo
-rw- 825070 89934864 asa962-13-lfbff-k8.SPA<<<<
drw- 37845 0 vm
-rw- 847460 26729944 asdm-771-150.bin
-rw- 854004 29942546 anyconnect-win-4.4.01054-w
-rw- 861315 349 Anyconnect_Profile_client_
-rw- 863048 41846784 asasfr-5500x-boot-6.2.0-2.
rommon 3 >
ASKER
rommon 9 > dir disk0:
File System: FAT32
drw- 3 0 .private
drw- 4 0 .iso_images
-rw- 11 86456832 asa961-lfbff-k8.SPA
-rw- 21119 25819140 asdm-761.bin
-rw- 824651 33 .boot_string
drw- 27479 0 log
drw- 27480 0 crypto_archive
drw- 27481 0 csco_config
drw- 27558 0 coredumpinfo
drw- 37845 0 vm
it has : asa961-lfbff-k8.SPA
but I have uploaded the other from tftp.....
File System: FAT32
drw- 3 0 .private
drw- 4 0 .iso_images
-rw- 11 86456832 asa961-lfbff-k8.SPA
-rw- 21119 25819140 asdm-761.bin
-rw- 824651 33 .boot_string
drw- 27479 0 log
drw- 27480 0 crypto_archive
drw- 27481 0 csco_config
drw- 27558 0 coredumpinfo
drw- 37845 0 vm
it has : asa961-lfbff-k8.SPA
but I have uploaded the other from tftp.....
Did you ever get yours fixed?
I'm having the same issue with one I bought, but when I do dir disk0: it says "file system not supported". Even with the flash (msata ssd) removed from the ASA it still gets the same error you are getting. I'm thinking it is another issue with something on the board itself, but I ordered an msata to usb adapter to check the flash ssd drive on my PC.
I'm having the same issue with one I bought, but when I do dir disk0: it says "file system not supported". Even with the flash (msata ssd) removed from the ASA it still gets the same error you are getting. I'm thinking it is another issue with something on the board itself, but I ordered an msata to usb adapter to check the flash ssd drive on my PC.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
no answer ever found...
ASKER
No solution
supply the file name and destination filename.
the issue a
boot system disk0:/asa962-lfbff-k8.SPA
when complete
write mem
reload
wait for it to reboot
P