Make a PayPal Donation


  KB 0000073
  Dated 11/01/12
  Revision 2.00
   

Cisco ASA5500 Update System and ASDM (From ASDM)

Do the same from command line
 
Problem

Below is a walkthrough for upgrading the OS image and ASDM using the ASDM, this method does not require access to a TFTP server.

Warning:

Before upgrading/updating the ASA to version 8.3 (or Higher) Check to see if you have the correct amount of RAM in the firewall ("show version" command will tell you). This is VERY IMPORTANT if your ASA was shipped before February 2010. See the link below for more information.

ASA - Memory Error (Post upgrade to version 8.3)

Warning 2:

Be aware, if you are upgrading to an OS of 8.4(2) or newer you can no longer access the device via SSH when using the default username of "pix" you need to enable AAA authentication for SSH, do this before you reboot/reload the firewall or you may lock yourself out.

ASA Enable AAA LOCAL Authentication for SSH
Solution

1. Firstly make sure you have the latest system and ASDM images on your PC, you will need a valid service agreement and a CCO login with Cisco to download them.
2. Connect to the ASDM either via the client software or a web page pointed to https://IP_OF_THE ASA (NOTE you need to be on an IP that's allowed to connect to to the ASA.)
3. Tools > Upload Image on Local PC.
4. Select "ASA Image" > Browse Local.
5. Navigate to the ASA image file on your PC > Open.
6. Browse Flash.
7. OK.
8. Upload Image. > Go for a Coffee.
9. Halfway there > OK.
10 Configuration > Device Administration > Boot Image > Boot Config File Path Section > Browse Flash. NOTE on older ASDM's this is on the Properties Page.
11. Select the new one.
12. File > Save running configuration to flash.
13. Tools > Upload Image on Local PC.
14. Select ASDM Image > Browse Local.
15. Locate the new ASDM Image on your PC.
16. Browse Flash.
17. Select the new one > OK.
18. Upload Image.
19. OK.
20. Configuration > Device Administration > Boot Image > ASDM Image File Path Section > Browse Flash. NOTE on older ASDM's this is on the Properties Page.
21. Select the new one > OK.
22. Apply. (If you get an Error - see step 26).
23. File > Save running config to flash.
24. Tools > System Reload.
25. Schedule Reload.
ciscoasa#
ciscoasa# conf t
ciscoasa(config)# boot system flash:asa722-k8.bin
ciscoasa(config)# reload
Proceed with reload? [confirm]		 26. Occasionally the Firewall will error, and the OS will not update, if this happens, either connect via telnet or the console cable, then issue the commands shown to the left. (substitute asa722-k8.bin for the filename you uploaded in step 7).

 

If this post helped you, PLEASE take the time to +1 it.

Please be aware, all information is provided free, but it does cost me to have this site hosted, if I've helped you in any way, or saved you some time/cost please take time to make a donation.

If you have anything to add to an article, or have an article you would like us to publish please feel free to contact PeteNetLive. (Please be aware I get a LOT of email, I cannot assist and fix everyone's problems, please do not be offended if you do not get a response).
References - Credits - Or External Links
Originally written 09/11/09

 


powered by
Socialbar