https file upload to ASA flash

Unanswered Question
Jan 26th, 2010
User Badges:

Hi guys,

we want to automate the firmware and asdm file upload to our ton of ASAs but I can't find out the specifics.

I want to mimic ASDM which does a https post to fqdn/admin/disk0/filename-on-flash.

I found out that 'Content-Length' in the http header has to be set else the asa rejects the request as bad request.

My problem is that the upload stalls some bytes before finishing and then the connection times out.

SCP would be an option too if it didn't take nearly 80% cpu and is extremly slow, about 35kbytes/sec.

Thanks, Alex

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Farrukh Haroon Wed, 02/03/2010 - 02:04
User Badges:
  • Red, 2250 points or more

I would suggest using SCP over HTTP.  Its more secure and the CLI would give your more control.

I assume you don't have Cisco Security Manager in your environment (which could actually be good )



Alexander Hartmaier Wed, 02/03/2010 - 03:43
User Badges:

SCP over HTTP doesn't exist.

Do you mean just SCP?

For whatever reason SCP leads to about 80% cpu usage and a speed of just 35kb/sec.

I've already reverse-engineered what ASDM does and can now upload files using https.

No we don't have CSM, after evaluation last year it didn't meet our needs besides its horrendous costs.

Farrukh Haroon Wed, 02/03/2010 - 04:19
User Badges:
  • Red, 2250 points or more

Sorry I meant that you should use 'scp' instead of 'http' as it is more secure. Did not know you were using HTTPS (and not regular HTTP).




This Discussion