ASA 5505 ROMMON issue

kmcintosh78

I am trying to load a new image from an ASA 5505, old was deleted, and i am at the ROMMON portion, but for some reason it will only allow me to enter the ADDRESS, SERVER and GATEWAY info.
I could use some help.

kmcintosh78

I try to type in the "Image" command, after entering the IP and Server, but it gives me an "Invalid or incorrect command" statement.

kmcintosh78

Nothing from nobody???

Jason0352

ADDRESS = ip your assigning the ASA
SERVER = ip of the machine with the IOS file that is running a tftp client.
GATEWAY = if the ASA and Server are in different subnets then you need to assign this variable to a gateway that has a route between the two.
IMAGE = the exact name of the image/file wanting to be copied.

After those variables are good to do a test ping to make sure connectivity between the ASA and tftp server.

Once connectivity is confirmed type 'tftpdl' to start the tftp transfer.

kmcintosh78

I understand all of that.
My issue is that the ASA will not allow me to input the "IMAGE". I get a "Invalid or incorrect statement".

networker050184

Have you tried having one image and see if it pulls it?

kmcintosh78

It will not even let me type the "IMAGE" command.

networker050184

Then don't type the image command, just execute after the gateway command.

kmcintosh78

I think I understand where you are going with this.
Basically remove any images from the TFTP server except the ASA and just try to push it that way?

But, I have tried to execute the command to copy the image and I get an error stating to enter the "IMAGE" command and appropriate image.

inscom.brigade

This sounds like when you forget to add .bin to your file name

kmcintosh78

Nope, checked and tried it again. Same result.

inscom.brigade

I have had issues connecting to tftp at times, it was not clear why and nothing i did was conclusive. Sometimes multiple instances of tftp running simultaneous cased it.

I had used task manager to kill all running and began again



I would turn off my firewall and then it would work! | or open a port

dover

I'm not trying to be a smart @## here...are you typing IMAGE= in all caps?

If i try typing in lowercase I get your standard "Invalid or incorrect command. Use 'help' for help." error message.

I just broke out a 5505 and went through the process and didn't have any trouble.

My CLI was:

rommon #0> ADDRESS=10.1.1.1
rommon #1> SERVER=10.1.1.2
rommon #2> IMAGE=asa841-k8.bin
rommon #3> PORT=Ethernet0/0
Ethernet0/0
MAC Address: 70ca.9bxx.xxxx
Link is UP
rommon #4> set
ROMMON Variable Settings:
ADDRESS=10.1.1.1
SERVER=10.1.1.2
GATEWAY=0.0.0.0
PORT=Ethernet0/0
VLAN=untagged
IMAGE=asa841-k8.bin
CONFIG=
LINKTIMEOUT=20
PKTTIMEOUT=4
RETRY=20
rommon #5> tftpdnld


If that doesn't work....what if you use these commands instead:

rommon #0> address 10.1.1.1
rommon #1> server 10.1.1.2
rommon #2> file asa841-k8.bin
rommon #3> interface ethernet0/0
MAC Address: 70ca.9bxx.xxxx
Link is UP
rommon #4> tftpdnld
ROMMON Variable Settings:
ADDRESS=10.1.1.1
SERVER=10.1.1.2
GATEWAY=0.0.0.0
PORT=Ethernet0/0
VLAN=untagged
IMAGE=asa841.bin
CONFIG=
LINKTIMEOUT=20
PKTTIMEOUT=4
RETRY=20

tftp asa841.bin@10.1.1.2

I didn't actually transfer the image but from your description it soudns like you can't even get past the IMAGE=asa841.bin command.

Hope it helps

edited to fix stupid typo

kmcintosh78

Yep, tried that . Power cycle, changed TFTP apps, changed PCs. Nothing

kmcintosh78

Nope, no caps, as it takes all the other commands.
I will try the "file" command and report back in a bit.

inscom.brigade

you didn't mention that you tried shutting off your firewall in the control pannel of windows