cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
570
Views
5
Helpful
2
Replies

Problem upgrading ASA5505

saiiven07
Level 1
Level 1

I've run into a weird problem. I have an ASA5505 with a very slow Internet connection that acts as an EasyVPN client. I want to upgrade the software image on it but given the speed of the Internet connection, it's going to take about 2 hours. Every time I try to upload the new image to flash, it stops after 1 hour. I guess it's because of the SSH session idle timeout value which is set to 60 minutes (max). Is there any way I can fix this problem? Thanks.

2 Replies 2

Nagaraja Thanthry
Cisco Employee
Cisco Employee

Hello,

If the firewall is local to you, I would suggest you downloading the file to a local computer (may be download it outside of your network) and then uploading it to the firewall from the local PC. That is much better compared to trying to load it via internet.

As far as slow connection is concerned, is it due to your ISP or do you think it is due to the firewall itself? If you think it is due to the firewall itself, you might want to check the output of "show asp drop" to see if there are any drops due to MSS exceed or Out-of-order packets. If yes, please try the following:

tcp-map tmap

exceed-mss allow

queue-limit 250

exit

access-list internet permit tcp any any

class-map internet

match access-list internet

exit

policy-map global_policy

class internet

set connection advanced-options tmap

exit

service-policy global_policy global

Hope this helps.

Regards,

NT

Hi, Nagaraja.

Thanks for the reply. After a few unsuccessful attempts to upload the new image, I decided to switch to some other SSH client since I noticed the uploading stopped when Putty tried to renegotiate the current SSH session. So after switching to SecureCRT, everything went without a hitch.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: