Re: I just bought a used Cisco ASA 5506-X from Ebay

hyjeon · ‎01-12-2021

Hello,

I bought a 5506 from Ebay to use a traning purpose. After I received it today, I spent hours configuring to access the internet but I'm still struggling with it.

I have a lot of questions but here are some main ones.

1. Is there a way to download the newest firmware and Cisco Anyconnect for this product for me who bought used ones.

2. According to the manual, it allows 50 VPN clients. Does that mean I can use SSLVPN if I get the Cisco Anyconnect application?

For some reason, some commands on Youtube didn't even work on my ASA product, maybe the command vary on normal router and ASA?

Please advise.

marce1000 · ‎01-12-2021

- You won't be able to download firmware if you don't have a service contract with Cisco. You say some commands do not work. Post screenshots examples (e.g.). Perhaps something can be done.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Leo Laohoo · ‎01-12-2021

@marce1000 wrote:

You won't be able to download firmware if you don't have a service contract with Cisco.

Read Cisco ASA & FTD Software Remote Code Execution Vulnerability.
Scroll down to the "Customers Without Service Contracts" section.
Read the 2nd paragraph very, very carefully:

Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.

hyjeon · ‎01-12-2021

Thanks for your reply. now I can see there's a hope I can update it to the newest version. I will check it out.

hyjeon · ‎01-12-2021

thanks for your reply.

I reset it to factory default. All I want is to use port 1 as WAN port and rest 2 to 8 as LAN port.

I really don't have any knowledge about it so I just followed the ASA5506 manual but I don't understand how to enable DHCP for LAN ports and what to type WAN port if my ISP provides DHCP. all the manual explained WAN IP as static ip.

Marvin Rhoads · ‎01-12-2021

ASA 5506 can run two very different types of software - ASA and FTD. The commands used on those two software types vary significantly. You can start by sharing what yous tells you when you type "show version" from the command line. That will tell us which software type and version yours has installed.

As @marce1000 noted, the software updates aren't free. Neither are the AnyConnect licenses. Buying Cisco firewalls on eBay is a very risky undertaking and often leads to disappointment.

hyjeon · ‎01-12-2021

Thanks for your reply. If I want to configure it as a normal router, and enable site to site VPN, SSLVPN, port forwarding, can I just pick CLI, ASDM or FTD to learn? or do I need to know all of them? if I don't need to learn CLI, I would learn ASDM as GUI seems easier to learn...:)

thanks,

pmckenzie · ‎01-12-2021

I know it is not the same as real gear but for training may be suitable

Have a look at labs in packet tracer,

here is a snip from the available labs

download packer tracer

There are worlds out there where the sky is burning, where the sea's asleep and the rivers dream, people made of smoke and cities made of song. Somewhere there's danger, somewhere there's injustice and somewhere else the tea is getting cold" Dr Who

hyjeon · ‎01-12-2021

Thanks for your reply. that would help me a lot. I was wondering if there's Cisco wireless AP labs as well. then I don't need to look for a Cisco wireless device from eBay.

thanks,