Wednesday, February 19, 2014

How to upgrade an ASA OS remotely using FTP.

Sometimes I'm required to upgrade a Cisco ASA's OS remotely.  Most Cisco admins are familiar with upgrading the OS using TFTP.  Because TFTP uses UDP, remotely sending the OS via TFTP is not a good idea.  (I'd tell you a joke about UDP, but you might not get it.)

To upgrade via FTP-
I use a FileZilla active mode FTP server.  So first, disable passive mode.

configure terminal
no ftp mode passive

Then, use this copy command-
copy ftp://<Username>:<Password>@<IP Address>/asa825-k8.bin disk0:/asa825-k8.bin

So in my case- (using a fake invalid IP)
copy ftp://cisco:Passw0rd@107.12.631.147/asa825-k8.bin disk0:/asa825-k8.bin

Next you're going to want to check the checksum.  If you go to cisco.com, support, and find your product's software downloads, you can see the checksum by hovering over the file.

Use the command-
verify /md5 disk0:/asa825-k8.bin 97951eea5b35e0544ca9242e6818b39f

Once the checksum is verified, simply change your boot command-
boot system disk0:/asa825-k8.bin
..and remove any old boot system commands.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)