I have an ASA 5505 running software version 8.0(4) that I picked up a while back. I had just finished configuring it via the serial console. I confirmed that DHCP addresses we're being pushed out on the VLANs, made a couple of minor tweaks, and confirmed that I could ssh into the ASA on the appropriate VLAN. After that I issued a write to save the config and took the firewall downstairs to replace my cheap little router.
After hooking it up, I started checking my machines only to discover that none of the machines on any of the vlans were getting IP addresses. I assigned a static IP on the VLAN with management access but I still couldn't connect to it. A packet capture showed zero traffic coming from the ASA. I grabbed the ASA and hooked it back up via a serial console but now I can no longer connect to it. The power & status lights are on. Plugging in cables turns the link lights on in front and back and they flash indicating activity. When I unplug the ASA I see a single odd character show up in putty over the serial connection.
I'm out of ideas. Is there anything else I can do?
Solved! Go to Solution.
You may have set console and other access to use invalid or unreachable authentication servers/methods. If you follow the password recovery procedure here, you should be able to get back into the appliance.
Step three of the password recovery option says, "During the startup messages, press the Escape key when prompted to enter ROMMON," but that pre-supposes that I'm seeing some output on the serial console. I'm seeing nothing at all (until I turn off the ASA then I see a single odd character).
Despite not seeing the usual console output, I've tried hitting repeatedly Escape as indicated but I'm still not getting any output. I've even tried other baud rates.
Thank you for the suggestion. Other ideas?
The console cable and settings worked fine until I walked the ASA downstairs, so I'd expect they're still good. I'll try re-connecting the cable and try using a different computer in the morning just in case.
I've tried reconnecting the cable and I've ensured all the connections are tight and I'm still not getting any results from the ASA. As everything was well configured before, I believe it's a hardware failure , though I'll keep it around until I have another cable to test with.
Thank you for your help.
From the results of your doublechecking I agree it might well be hardware.
Are you getting a green status light on the front panel?
Assuming you don't have Smartnet (in which case you could just open a Service Request with the Cisco TAC), some folks have reported good results with varying their power up approach and/or replacing the RAM. See this thread for example.
Actually, no. I have a green power light and and solid orange status light, though the network activity indicators flash with activity as though everything was working. I hadn't even noticed the color difference before.
Thank you for asking.
It was indeed the RAM that was the problem. Once I replaced the RAM the ASA booted up exactly as I had configured it.
Thank you for all the help.