ASA via sleep deprivation

LearnAsIGoLearnAsIGo Member Posts: 20 ■□□□□□□□□□
The other day, for the first time, I was happily configuring away at 'asa1.'

Today, I can't even configure 'nameif' on 'asa1' but I can configure everything on 'asa2'

What happened? I know I'll get a reply that will make me slap my forehead and feel sheepish afterwards.

Maybe this is attributed to trying to get back on the rack after a sleepless night and I'm just too groggy to think. Probably so.

I can't even begin to remember what I did after wr erase/reload....it probably snagged me at those default prompts. I just don't know or I haven't learned - YET.

What follows are configs from 'asa1,' followed by 'asa2.'

As always, much thanks in advance...

asa1# sh run
: Saved
:
ASA Version 7.2(1) <system>
!
hostname asa1
enable password 8Ry2YjIyt7RRXU24 encrypted
no mac-address auto
!
interface Ethernet0/0
shutdown
!
interface Ethernet0/1
shutdown
!
interface Ethernet0/2
shutdown
!
interface Ethernet0/3
shutdown
!
interface Management0/0
shutdown
!
class default
limit-resource All 0
limit-resource ASDM 5
limit-resource SSH 5
limit-resource Telnet 5
!

ftp mode passive
pager lines 24
no failover
no asdm history enable
arp timeout 14400
console timeout 0
prompt hostname context
Cryptochecksum:d41d8cd98f00b204e9800998ecf8427e
: end



asa2# sh run
: Saved
:
ASA Version 7.2(1)
!
hostname asa2
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0/0
shutdown
nameif outside
security-level 0
no ip address
!
interface Ethernet0/1
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
pager lines 24
mtu outside 1500
no failover
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:c41d20a5906b6f771d5e583c4b56d9ee
: end

Comments

  • theevilmuffintheevilmuffin Member Posts: 11 ■□□□□□□□□□
    could asa 1 be a failover unit?

    can you do a "show version" please?
  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    ASA1 appears to be in multiple context mode, if you need to modify the admin context you must use the 'changeto context <contextname>' command, if you want to change it back to single context use the 'mode single' global config mode command.
    The only easy day was yesterday!
  • LearnAsIGoLearnAsIGo Member Posts: 20 ■□□□□□□□□□
    theevilmuffin:
    ciscoasa# sh ver

    Cisco Adaptive Security Appliance Software Version 7.2(1)
    Device Manager Version 5.2(1)

    Compiled on Wed 31-May-06 14:45 by root
    System image file is "disk0:/asa721-k8.bin"
    Config file at boot was "startup-config"

    ciscoasa up 8 hours 20 mins

    Hardware: ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1600 MHz
    Internal ATA Compact Flash, 64MB
    BIOS Flash AT49LW080 @ 0xffe00000, 1024KB

    Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
    Boot microcode : ☻CNlite-MC-Boot-Cisco-1.2
    SSL/IKE microcode: ♥CNlite-MC-IPSEC-Admin-3.03
    IPSec microcode : ☺CNlite-MC-IPSECm-MAIN-2.04
    0: Ext: Ethernet0/0 : address is 0013.c482.462c, irq 9
    1: Ext: Ethernet0/1 : address is 0013.c482.462d, irq 9
    2: Ext: Ethernet0/2 : address is 0013.c482.462e, irq 9
    3: Ext: Ethernet0/3 : address is 0013.c482.462f, irq 9
    4: Ext: Management0/0 : address is 0013.c482.4630, irq 11
    5: Int: Not licensed : irq 11
    6: Int: Not licensed : irq 5

    Licensed features for this platform:
    Maximum Physical Interfaces : Unlimited
    Maximum VLANs : 25
    Inside Hosts : Unlimited
    Failover : Active/Active
    VPN-DES : Enabled
    VPN-3DES-AES : Enabled
    Security Contexts : 5
    GTP/GPRS : Disabled
    VPN Peers : 250
    WebVPN Peers : 2

    This platform has an ASA 5510 Security Plus license.

    Serial Number: JMX0951K0C9
    Running Activation Key: 0xc101c049 0xe0beeab6 0x10a2f430 0x8038ecbc 0x8b04cca0
    Configuration register is 0x1

    dtlokee:
    It worked great, thanks a bunch. I was going crazy over this but now everything seems back to normal.

    In a way, this was a good thing to happen to me. Who learns from stuff that never gives ya problems?

    thanks again!
Sign In or Register to comment.