I had to move device, when it powered back up, it wouldn't boot. I can set IP, server, etc. in ROMMON and tftp boot. The problem is once I'm in P.E. mode, I can't ping the tftp server so I cannot begin to copy files in flash. This is strange because the ethernet and vlan interface show that they're up. Constant no route messages, even tried a /30 network, didn't work. Flash has been reformatted. The IOS was 7.2(3) and I'm trying to replace with 7.2(5). TIA.
Solved! Go to Solution.
Why do you mean by P.E mode?
I'm sorry, I was more than a little frustrated when I posted. When the image is loaded from tftp (from ROMMOM) and I can access the CLI you can get to priveleged exec prompt as there is no enable pwd. I cannot ping the tftp server, it cannot ping the ASA. This occurs even though vlan 1 and eth 0/0 are both up/up.
I've performed exactly what you provided already. My problem is exactly what the last poster is describing. If you reload the device you are back to square one as the image file is not saved when you tftp it from ROMMON. If you don't reload the ASA comes up to default prompt, ciscoasa>. Enter "enable" no pwd needed. Now perform copy tftp: flash: asks for server IP and file name. Fails because you have no connection. Can't ping tftp server IP, can't ping ASA from directly connected laptop. I can't remember if the inside interface is named or not. When I get to this point I move my connection to eth 0/1 which is usually default for inside. I will check security level as well, but it was 100 and outside was 0.
OK - when you follow all the steps, the last step is not to "reload" the ASA but to "boot" it so. It will use the image you have just tftp'd to it. Once loaded you then copy the image again to flash via tftp perminantly!
I never had to issue the boot cmd, it loads the image automatically. So that's where you get to the default prompt. You were correct about the "no route". I had to start in rommon again and tftp the image, by default (using set cmd to see the settings) it uses eth0/0. I changed it to use eth0/1. When the image loaded I named int vlan 1 to Inside and it defaulted the security level to 100. Then I could ping and issue the cmd to copy the image file to flash. I also copied the asdm file as well. Last question, are there any other files I need to copy? I can't get to the device now using asdm-idm launcher pointing to it's IP address. Thanks to everyone for their help.
If you have the ASM image in the ASA Flash - you just need to point the ASSA to use it, the authentication you want, the Ip subnet ou are allowing to access the ASDM, and enable the HTTP server on the ASA to allow the ASDM to run.
So you have provided to vlan 1 and ip address right, and assign a port (1-7) to the directly connected PC so you can upload the image to the flash of the ASA, and yes if they are on the same subnet you do not need a gateway.
Have you done it like that?
Would you mind to provide us the configuration you have before doing:
copy tftp flash
I would like to check it
I couldn't get the config before as it had no connectivity. I believe the device somehow tried to do a sw update and this is what corrupted the image. I then erased flash and reformatted.