Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
116537
Views
45
Helpful
20
Replies

ASA Keeps booting to Rommon!

Go to solution
chrisbicm
Level 1
Level 1

‎06-08-2006 05:29 AM - edited ‎02-21-2020 12:57 AM

Hello,

I recently had to re-format, add a new activation-key, and add the asdm504.bin and asa704-k8.bin to my ASA 5520 (I accidentaly erased the memory on the machine). Now currently everytime I use the "reload" command it just loads straight into Rommon#.... when I get to the Rommon# prompt all I have to do is type.... "boot" and it loads my asa704-k8.bin file and loads up my config and looks good. I am just wondering is there a way that I would be able to easily set it so it loads the image automatically?

asa2(config)#show boot

BOOT variable = disk0:/asa704-k8.bin

Current BOOT variable = disk0:/asa704-k8.bin

CONFIG_FILE variable = disk0:/startup-config

Current CONFIG_FILE variable = disk0:/startup-config

asa2(config)# show disk0:

Initializing disk0: cache, please wait....Done.

-#- --length-- -----date/time------ path

8 2995 Jun 07 2006 06:30:02 startup-config

9 5437440 Jun 07 2006 06:18:04 asa704-k8.bin

10 5958324 Jun 07 2006 06:24:08 asdm504.bin

51515392 bytes available (11431936 bytes used)

Thanks,

Chris

3 people had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
a.kiprawih
Level 7
Level 7

‎06-09-2006 12:13 PM

Hi Chris,

0x00112002 -> meaning boot from TFTP server, if fails, go to rommon.

The "config-register 0x1' is ok, as this will instruct ASA to load from default image.

As a precaution (same goes to me), pls backup the config (evem though it will not delete the config file).

Rgds,

AK

View solution in original post

20 Replies 20

Go to solution
tvanginneken
Level 4
Level 4

‎06-08-2006 11:29 AM

Hi,

try adding the "boot system disk0:/asa7xx-k8.bin" to your config.

Kind Regards,

Tom

0 Helpful

Go to solution
chrisbicm
Level 1
Level 1
In response to tvanginneken

‎06-08-2006 12:05 PM

Tom,

Thanks a lot for the response, I gave that a try and I got the following error. I have no clue what is going on and I dont know why it wont boot the image.... even though it says it should.

icm-asa2(config)# boot system disk0:/asa704-k8.bin

ERROR: Unable to set this url, it has already been set

Remove the first instance before adding this one

Thanks,

Chris

ps: Im not sure but I have a feeling its something I have to set within the Rommon prompt but I have no idea what.... Unfortunately

0 Helpful

Go to solution
tvanginneken
Level 4
Level 4
In response to chrisbicm

‎06-08-2006 11:16 PM

Hi Chris,

could you have a look in the config and see if the is already a "boot system" command present? Remove it (if it's there) and replace it with the right one.

Regards,

Tom

0 Helpful

Go to solution
chrisbicm
Level 1
Level 1
In response to tvanginneken

‎06-09-2006 07:25 AM

Tom,

I took a look at the config and the only "boot system" command was pointing to my asa704-k8.bin file so I am really at a loss here. I am fairly certain as I mentioned it must be something in Rommon that needs to be set at initial boot but I am just not sure what to set to make it so its doesnt boot into Rommon and just loads my .bin file. Any other suggestions?

Here is a readout of what it says after I reload:

Evaluating BIOS Options ...

Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(10)0) #0: Fri Mar 25 23:02:10 PST 2005

Platform ASA5520

Management0/0

Ethernet auto negotiation timed out.

Interface-4 Link Not Established (check cable).

Default Interface number-4 Not Up

Use ? for help.

rommon #0>

I am not sure why it is trying to use the Interface-4?

Thanks a lot for the help,

Chris

0 Helpful

Go to solution
srinu.allamani
Level 1
Level 1
In response to chrisbicm

‎08-27-2015 05:13 AM

no boot system disk0:/asa704-k8.bin

0 Helpful

Go to solution
nsureshr
Cisco Employee
Cisco Employee
In response to chrisbicm

‎04-28-2020 07:52 AM

It means you have already set boot image .. Just change the config-register value to 0x2102 and then reload it

 

0 Helpful

Go to solution
nsureshr
Cisco Employee
Cisco Employee
In response to nsureshr

‎04-28-2020 07:59 AM

sorry 0x1
0 Helpful

Go to solution
sean
Level 3
Level 3

‎06-09-2006 10:37 AM

I ran into a similar issue awhile back. Make sure your config register is set to:

Configuration register is 0x1

This kinda threw me off as it is different from routers. Hope this helps.

Go to solution
chrisbicm
Level 1
Level 1
In response to sean

‎06-09-2006 10:57 AM

Sean,

If I use the confreg command, that will erase all my current configurations correct? And also will that erase my asa704-k8.bin file from my disk0: or just my startup and running configs?

Thanks a lot (so close to fixing this finally),

Chris

0 Helpful

Go to solution
a.kiprawih
Level 7
Level 7

‎06-09-2006 11:46 AM

Hi Chris,

Check the current confreg value using:

rommon #1> confreg

When ASA asked to change, choose no 'n'. What's the stated value?

The reason why your ASA always boot to rommon was due to the confreg value where if character numbers 0 and 1 are not set to automatically boot an image, then the security appliance by default will boot directly into ROMMON.

That's why you need to manually execute 'boot' to make the firewall boot to normal operational mode.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/cref_txt/c.htm#wp1968384

The value '0x1' is to allow ASA to boot from your specified boot system (local flash - disk0:/asaxxxx.bin).

It will not erase your config & image file, but always keep your last known good configuration as backup. Image file can on;y be deleted using delete or erase command, or if format the flash.

Rgds,

AK

Go to solution
chrisbicm
Level 1
Level 1
In response to a.kiprawih

‎06-09-2006 12:01 PM

Ak,

Yeah my Confreg value is:0x00112002

would you be able to provide me with the command I enter in rommon to set the confreg back, I assume its just confreg = 0x1 but Id like to make sure

Thanks (As always you've been a great help)

Chris

0 Helpful

Go to solution
a.kiprawih
Level 7
Level 7
In response to a.kiprawih

‎06-09-2006 12:03 PM

And also, if your boot system returned error message:

ERROR: Unable to set this url, it has already been set

Remove the first instance before adding this one

Try to change it to use flash -> boot system flash:/asa704-k8.bin, OR clear it first before re-enter the boot system command.

This option is only available for the ASA platform, and indicates the internal Flash card. Any keyword flash or disk0 can be used as they are aliased.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/cref_txt/ab.htm#wp1348883

Rgds,

AK

0 Helpful

Go to solution
a.kiprawih
Level 7
Level 7

‎06-09-2006 12:13 PM

Hi Chris,

0x00112002 -> meaning boot from TFTP server, if fails, go to rommon.

The "config-register 0x1' is ok, as this will instruct ASA to load from default image.

As a precaution (same goes to me), pls backup the config (evem though it will not delete the config file).

Rgds,

AK

Go to solution
chrisbicm
Level 1
Level 1
In response to a.kiprawih

‎06-09-2006 12:15 PM

AK,

Wow thanks a lot... without your help I would still be wondering why it was going into Rommon and I wouldnt even have my new image from my tftp server, you saved me big time

THANKS!!!

Chris

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card