12-21-2011 12:42 PM - edited 03-11-2019 03:05 PM
Hi,
I had to move device, when it powered back up, it wouldn't boot. I can set IP, server, etc. in ROMMON and tftp boot. The problem is once I'm in P.E. mode, I can't ping the tftp server so I cannot begin to copy files in flash. This is strange because the ethernet and vlan interface show that they're up. Constant no route messages, even tried a /30 network, didn't work. Flash has been reformatted. The IOS was 7.2(3) and I'm trying to replace with 7.2(5). TIA.
Solved! Go to Solution.
12-22-2011 08:10 AM
"no route" normally means you have not give the vlan interface a name? and or security level?
12-21-2011 12:55 PM
Hello Mike,
Why do you mean by P.E mode?
Regards,
Julio
12-22-2011 06:48 AM
I'm sorry, I was more than a little frustrated when I posted. When the image is loaded from tftp (from ROMMOM) and I can access the CLI you can get to priveleged exec prompt as there is no enable pwd. I cannot ping the tftp server, it cannot ping the ASA. This occurs even though vlan 1 and eth 0/0 are both up/up.
12-22-2011 08:10 AM
"no route" normally means you have not give the vlan interface a name? and or security level?
12-22-2011 08:10 AM
Also check out the below URL
http://itguy11.wordpress.com/2010/08/27/boot-image-recovery-on-a-cisco-asa-firewall/
12-22-2011 06:16 PM
Andrew,
I've performed exactly what you provided already. My problem is exactly what the last poster is describing. If you reload the device you are back to square one as the image file is not saved when you tftp it from ROMMON. If you don't reload the ASA comes up to default prompt, ciscoasa>. Enter "enable" no pwd needed. Now perform copy tftp: flash: asks for server IP and file name. Fails because you have no connection. Can't ping tftp server IP, can't ping ASA from directly connected laptop. I can't remember if the inside interface is named or not. When I get to this point I move my connection to eth 0/1 which is usually default for inside. I will check security level as well, but it was 100 and outside was 0.
12-23-2011 12:44 AM
OK - when you follow all the steps, the last step is not to "reload" the ASA but to "boot" it so. It will use the image you have just tftp'd to it. Once loaded you then copy the image again to flash via tftp perminantly!
12-23-2011 07:15 AM
Andrew,
I never had to issue the boot cmd, it loads the image automatically. So that's where you get to the default prompt. You were correct about the "no route". I had to start in rommon again and tftp the image, by default (using set cmd to see the settings) it uses eth0/0. I changed it to use eth0/1. When the image loaded I named int vlan 1 to Inside and it defaulted the security level to 100. Then I could ping and issue the cmd to copy the image file to flash. I also copied the asdm file as well. Last question, are there any other files I need to copy? I can't get to the device now using asdm-idm launcher pointing to it's IP address. Thanks to everyone for their help.
12-23-2011 07:25 AM
If you have the ASM image in the ASA Flash - you just need to point the ASSA to use it, the authentication you want, the Ip subnet ou are allowing to access the ASDM, and enable the HTTP server on the ASA to allow the ASDM to run.
12-22-2011 09:32 AM
Hello Mike,
So you have provided to vlan 1 and ip address right, and assign a port (1-7) to the directly connected PC so you can upload the image to the flash of the ASA, and yes if they are on the same subnet you do not need a gateway.
Have you done it like that?
Regards,
Julio
12-22-2011 06:10 PM
Yes, and performed the steps I've described in reply to Andrew.
12-22-2011 07:23 PM
Hello Mike,
Would you mind to provide us the configuration you have before doing:
copy tftp flash
I would like to check it
Regards,
Julio
12-23-2011 07:18 AM
Julio,
I couldn't get the config before as it had no connectivity. I believe the device somehow tried to do a sw update and this is what corrupted the image. I then erased flash and reformatted.
Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide