Downgrade from CLI?

Unanswered Question
Jul 29th, 2009


I'm not a CLI expert, but I got myself into a hole with the ASDM and now I've got to dig out. I upgraded a remote AS5505 from 7.2 to 8.2 through ASDM but forgot to upgrade the ASDM from 5.2 to 6.2 before rebooting. Now I can't access the ASDM but I can access the ASA through SSH. I've got 2 images in the memory both 7.2 and 8.2 : can I simply change the boot image back to 7.2 (boot system disk0:7.2-image-name) and then reboot the system?

Thanks, Joe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
JORGE RODRIGUEZ Wed, 07/29/2009 - 09:43

Yes you can , as long you correctly change the boot disk0 statement to reflec the correct code, and that the code is indeed in your disk0 file system.

On the other hand why don't you just tftp the new asdm code for your 8.x version from a tftp server into your disk0, you can then correct the asdm statement to point to the new asdm and don't even need to reboot the firewall.


joe.favia Wed, 07/29/2009 - 14:23


Thanks for your reply. I can't use TFTP because it's a remote appliance sitting behind variouse layers of screening devices managed by others. Ideally I'd use a TFTP server on a local network, but that's not within the range of available possibilities. I can only use SSH and HTTPS, while the ASA can only send me SYSLOG.

Once I reboot to 7.2, I'll upload the new ASDM and then change the boot image once more to 8.2. Thanks again for confirming my solution.


JORGE RODRIGUEZ Wed, 07/29/2009 - 15:49

You're welcome Joe, understandable .., you should be able to run the 7.2 code after reboot as you have planned.


ahmad82pkn Thu, 07/30/2009 - 05:58


Please let us know if you were successful by simply changing boot system to your previous IOS image. and you were good.

joe.favia Fri, 07/31/2009 - 08:27


Yes, after changing the boot system I ran a "write mem", reload and I got back to 7.2.

I then loaded the new ASDM, changed the boot system again, ran "write mem" and rebooted. I've been using 8.2 since then without any problems. My configuration at the moment is very minimal as I am still starting up with this new firewall.

Cheers, Joe


This Discussion