09-17-2013 09:51 PM - edited 03-11-2019 07:40 PM
Hi Everyone,
The ASA 5505 was running Security Plus with version 9.1.
Once I changed the mode to transparent, it shows:
ciscoasa# sh ver
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 7.1(2)
Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 36 mins 0 secs
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Int: Internal-Data0/0 : address is b0fa.eba2.cbcb, irq 11
1: Ext: Ethernet0/0 : address is b0fa.eba2.cbc3, irq 255
2: Ext: Ethernet0/1 : address is b0fa.eba2.cbc4, irq 255
3: Ext: Ethernet0/2 : address is b0fa.eba2.cbc5, irq 255
4: Ext: Ethernet0/3 : address is b0fa.eba2.cbc6, irq 255
5: Ext: Ethernet0/4 : address is b0fa.eba2.cbc7, irq 255
6: Ext: Ethernet0/5 : address is b0fa.eba2.cbc8, irq 255
7: Ext: Ethernet0/6 : address is b0fa.eba2.cbc9, irq 255
8: Ext: Ethernet0/7 : address is b0fa.eba2.cbca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 25
Total VPN Peers : 25
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Shared License : Enabled
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
AnyConnect Essentials : Enabled
Advanced Endpoint Assessment : Enabled
UC Phone Proxy Sessions : 24
Total UC Proxy Sessions : 24
Botnet Traffic Filter : Enabled
This platform has an ASA 5505 Security Plus license.
Serial Number: JMX1710409T
Running Activation Key: 0xed12ee4a 0x8ce883be 0x81414cc8 0xe18414c8 0xc530fb85
Configuration register is 0x1
Configuration last modified by enable_15 at 04:40:13.689 UTC Wed Sep 18 2013
ciscoasa# sh int ip brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset administratively down up
Ethernet0/1 unassigned YES unset administratively down up
Ethernet0/2 unassigned YES unset administratively down up
Ethernet0/3 unassigned YES unset administratively down down
Ethernet0/4 unassigned YES unset administratively down down
Ethernet0/5 unassigned YES unset administratively down down
Ethernet0/6 unassigned YES unset administratively down down
Ethernet0/7 unassigned YES unset administratively down down
Internal-Data0/0 unassigned YES unset up up
Internal-Data0/1 unassigned YES unset up up
Vlan26 1.1.1.1 YES unset down down
Vlan50 1.1.1.1 YES unset down down
Vlan150 unassigned YES unset down down
Virtual0 127.0.0.1 YES unset up up
ciscoasa# write erase
Erase configuration in flash memory? [confirm]
[OK]
ciscoasa# config t
ciscoasa(config)# firewall transparent
ciscoasa(config)#
ciscoasa(config)# interface Ethernet0/1
ciscoasa(config-if)# switchport trunk allowed vlan 26,50
ciscoasa(config-if)# switchport mode trunk
ciscoasa(config-if)#
ciscoasa(config-if)# interface Ethernet0/2
ciscoasa(config-if)# switchport trunk allowed vlan 2050
ciscoasa(config-if)# switchport mode trunk
ciscoasa(config-if)#
ciscoasa(config-if)# interface Vlan26
ciscoasa(config-if)# nameif management
ciscoasa(config-if)# bridge-group 2
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config-if)# security-level 100
ciscoasa(config-if)#
ciscoasa(config-if)# interface BVI2
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# ip address 192.168.26.5 255.255.255.0
ciscoasa(config)#
ciscoasa(config)# interface Vlan50
ciscoasa(config-if)# nameif inside
ciscoasa(config-if)# bridge-group 1
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config-if)# security-level 100
ciscoasa(config-if)#
ciscoasa(config-if)# interface Vlan2050
^
ERROR: % Cannot allocate MAC address to interface
ciscoasa(config)# nameif outside
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# bridge-group 1
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# security-level 0
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)#
ciscoasa(config)# interface BVI1
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# ip address 1.1.1.1 255.255.255.0
ciscoasa(config)#
ciscoasa(config)# access-list inside-in extended permit ip any any
WARNING: <inside-in> found duplicate element
ciscoasa(config)#
ciscoasa(config)# access-group inside-in in interface inside
ciscoasa(config)# end
ciscoasa# write erase
Erase configuration in flash memory? [confirm]
[OK]
ciscoasa# sh fire
ciscoasa# sh firewall
Firewall mode: Transparent
ciscoasa# config t
ciscoasa(config)# interface BVI1
^
ERROR: % Invalid input detected at '^' marker.
ciscoasa(config)# int B?
ERROR: % Unrecognized command
ciscoasa(config)# interface Ethernet0/1
ciscoasa(config-if)# switchport trunk allowed vlan 26,50
ciscoasa(config-if)# switchport mode trunk
ciscoasa(config-if)#
ciscoasa(config-if)# interface Ethernet0/2
ciscoasa(config-if)# switchport trunk allowed vlan 150
ciscoasa(config-if)# switchport mode trunk
ciscoasa(config-if)# end
ciscoasa# wr mem
Building configuration...
Cryptochecksum: 3553ece9 25fc7b26 57b494a3 01f0a10e
2562 bytes copied in 1.550 secs (2562 bytes/sec)
[OK]
ciscoasa# sh ver
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 7.1(2)
Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 40 mins 11 secs
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Int: Internal-Data0/0 : address is b0fa.eba2.cbcb, irq 11
1: Ext: Ethernet0/0 : address is b0fa.eba2.cbc3, irq 255
2: Ext: Ethernet0/1 : address is b0fa.eba2.cbc4, irq 255
3: Ext: Ethernet0/2 : address is b0fa.eba2.cbc5, irq 255
4: Ext: Ethernet0/3 : address is b0fa.eba2.cbc6, irq 255
5: Ext: Ethernet0/4 : address is b0fa.eba2.cbc7, irq 255
6: Ext: Ethernet0/5 : address is b0fa.eba2.cbc8, irq 255
7: Ext: Ethernet0/6 : address is b0fa.eba2.cbc9, irq 255
8: Ext: Ethernet0/7 : address is b0fa.eba2.cbca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 25
Total VPN Peers : 25
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Shared License : Enabled
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
AnyConnect Essentials : Enabled
Advanced Endpoint Assessment : Enabled
UC Phone Proxy Sessions : 24
Total UC Proxy Sessions : 24
Botnet Traffic Filter : Enabled
This platform has an ASA 5505 Security Plus license.
Serial Number: JMX1710409T
Running Activation Key: 0xed12ee4a 0x8ce883be 0x81414cc8 0xe18414c8 0xc530fb85
Configuration register is 0x1
Configuration last modified by enable_15 at 04:43:59.839 UTC Wed Sep 18 2013
ciscoasa# sh flash
--#-- --length-- -----date/time------ path
128 15390720 Mar 04 2013 13:24:38 asa825-k8.bin
129 17989292 May 08 2013 20:06:48 asdm-712.bin
130 26624 Jan 01 1980 00:00:00 FSCK0000.REC
15 2048 Mar 04 2013 13:27:14 coredumpinfo
16 59 Jun 01 2013 13:02:32 coredumpinfo/coredump.cfg
131 27260928 May 08 2013 20:07:52 asa911-k8.bin
3 2048 Mar 04 2013 13:32:54 log
12 2048 Mar 04 2013 13:33:22 crypto_archive
13 2048 Jul 09 2013 04:20:06 snmp
14 4 Jul 23 2013 03:08:42 snmp/single_vf
133 2048 Jan 01 1980 00:00:00 FSCK0001.REC
134 12998641 Mar 04 2013 13:33:42 csd_3.5.2008-k9.pkg
135 2048 Mar 04 2013 13:33:44 sdesktop
145 1462 Mar 04 2013 13:33:44 sdesktop/data.xml
136 6487517 Mar 04 2013 13:33:46 anyconnect-macosx-i386-2.5.2014-k9.pkg
137 6689498 Mar 04 2013 13:33:50 anyconnect-linux-2.5.2014-k9.pkg
138 4678691 Mar 04 2013 13:33:52 anyconnect-win-2.5.2014-k9.pkg
139 2119 Jun 01 2013 13:02:30 8_2_5_0_startup_cfg.sav
140 28672 Jan 01 1980 00:00:00 FSCK0002.REC
141 2048 Jan 01 1980 00:00:00 FSCK0003.REC
142 200 Aug 14 2013 02:57:50 upgrade_startup_errors_201308140257.log
143 25251840 May 08 2013 20:07:20 asa844-5-k8.bin
128573440 bytes total (11132928 bytes free)
ciscoasa# sh boot
BOOT variable =
Current BOOT variable =
CONFIG_FILE variable =
Current CONFIG_FILE variable =
ciscoasa# sh ver
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 7.1(2)
Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 41 mins 8 secs
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Int: Internal-Data0/0 : address is b0fa.eba2.cbcb, irq 11
1: Ext: Ethernet0/0 : address is b0fa.eba2.cbc3, irq 255
2: Ext: Ethernet0/1 : address is b0fa.eba2.cbc4, irq 255
3: Ext: Ethernet0/2 : address is b0fa.eba2.cbc5, irq 255
4: Ext: Ethernet0/3 : address is b0fa.eba2.cbc6, irq 255
5: Ext: Ethernet0/4 : address is b0fa.eba2.cbc7, irq 255
6: Ext: Ethernet0/5 : address is b0fa.eba2.cbc8, irq 255
7: Ext: Ethernet0/6 : address is b0fa.eba2.cbc9, irq 255
8: Ext: Ethernet0/7 : address is b0fa.eba2.cbca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 25
Total VPN Peers : 25
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Shared License : Enabled
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
AnyConnect Essentials : Enabled
Advanced Endpoint Assessment : Enabled
UC Phone Proxy Sessions : 24
Total UC Proxy Sessions : 24
Botnet Traffic Filter : Enabled
This platform has an ASA 5505 Security Plus license.
Serial Number: JMX1710409T
Running Activation Key: 0xed12ee4a 0x8ce883be 0x81414cc8 0xe18414c8 0xc530fb85
Configuration register is 0x1
Configuration last modified by enable_15 at 04:43:59.839 UTC Wed Sep 18 2013
ciscoasa# sh flash
--#-- --length-- -----date/time------ path
128 15390720 Mar 04 2013 13:24:38 asa825-k8.bin
129 17989292 May 08 2013 20:06:48 asdm-712.bin
130 26624 Jan 01 1980 00:00:00 FSCK0000.REC
15 2048 Mar 04 2013 13:27:14 coredumpinfo
16 59 Jun 01 2013 13:02:32 coredumpinfo/coredump.cfg
131 27260928 May 08 2013 20:07:52 asa911-k8.bin
3 2048 Mar 04 2013 13:32:54 log
12 2048 Mar 04 2013 13:33:22 crypto_archive
13 2048 Jul 09 2013 04:20:06 snmp
14 4 Jul 23 2013 03:08:42 snmp/single_vf
133 2048 Jan 01 1980 00:00:00 FSCK0001.REC
134 12998641 Mar 04 2013 13:33:42 csd_3.5.2008-k9.pkg
135 2048 Mar 04 2013 13:33:44 sdesktop
146 1462 Mar 04 2013 13:33:44 sdesktop/data.xml
136 6487517 Mar 04 2013 13:33:46 anyconnect-macosx-i386-2.5.2014-k9.pkg
137 6689498 Mar 04 2013 13:33:50 anyconnect-linux-2.5.2014-k9.pkg
138 4678691 Mar 04 2013 13:33:52 anyconnect-win-2.5.2014-k9.pkg
139 2119 Jun 01 2013 13:02:30 8_2_5_0_startup_cfg.sav
140 28672 Jan 01 1980 00:00:00 FSCK0002.REC
141 2048 Jan 01 1980 00:00:00 FSCK0003.REC
142 200 Aug 14 2013 02:57:50 upgrade_startup_errors_201308140257.log
143 25251840 May 08 2013 20:07:20 asa844-5-k8.bin
128573440 bytes total (11132928 bytes free)
ciscoasa# sh ver
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 7.1(2)
Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"
ciscoasa up 44 mins 19 secs
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Int: Internal-Data0/0 : address is b0fa.eba2.cbcb, irq 11
1: Ext: Ethernet0/0 : address is b0fa.eba2.cbc3, irq 255
2: Ext: Ethernet0/1 : address is b0fa.eba2.cbc4, irq 255
3: Ext: Ethernet0/2 : address is b0fa.eba2.cbc5, irq 255
4: Ext: Ethernet0/3 : address is b0fa.eba2.cbc6, irq 255
5: Ext: Ethernet0/4 : address is b0fa.eba2.cbc7, irq 255
6: Ext: Ethernet0/5 : address is b0fa.eba2.cbc8, irq 255
7: Ext: Ethernet0/6 : address is b0fa.eba2.cbc9, irq 255
8: Ext: Ethernet0/7 : address is b0fa.eba2.cbca, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 20, DMZ Unrestricted
Inside Hosts : Unlimited
Failover : Active/Standby
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 25
Total VPN Peers : 25
Dual ISPs : Enabled
VLAN Trunk Ports : 8
Shared License : Enabled
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
AnyConnect Essentials : Enabled
Advanced Endpoint Assessment : Enabled
UC Phone Proxy Sessions : 24
Total UC Proxy Sessions : 24
Botnet Traffic Filter : Enabled
This platform has an ASA 5505 Security Plus license.
Serial Number: JMX1710409T
Running Activation Key: 0xed12ee4a 0x8ce883be 0x81414cc8 0xe18414c8 0xc530fb85
Configuration register is 0x1
Configuration last modified by enable_15 at 04:43:59.839 UTC Wed Sep 18 2013
Now when I try to enter the int BVI command it does not work, and it also does not take more than 3 VLAN interfaces.
ciscoasa# sh flash
--#-- --length-- -----date/time------ path
128 15390720 Mar 04 2013 13:24:38 asa825-k8.bin
129 17989292 May 08 2013 20:06:48 asdm-712.bin
130 26624 Jan 01 1980 00:00:00 FSCK0000.REC
15 2048 Mar 04 2013 13:27:14 coredumpinfo
16 59 Jun 01 2013 13:02:32 coredumpinfo/coredump.cfg
131 27260928 May 08 2013 20:07:52 asa911-k8.bin
3 2048 Mar 04 2013 13:32:54 log
12 2048 Mar 04 2013 13:33:22 crypto_archive
13 2048 Jul 09 2013 04:20:06 snmp
14 4 Jul 23 2013 03:08:42 snmp/single_vf
133 2048 Jan 01 1980 00:00:00 FSCK0001.REC
134 12998641 Mar 04 2013 13:33:42 csd_3.5.2008-k9.pkg
135 2048 Mar 04 2013 13:33:44 sdesktop
146 1462 Mar 04 2013 13:33:44 sdesktop/data.xml
136 6487517 Mar 04 2013 13:33:46 anyconnect-macosx-i386-2.5.2014-k9.pkg
137 6689498 Mar 04 2013 13:33:50 anyconnect-linux-2.5.2014-k9.pkg
138 4678691 Mar 04 2013 13:33:52 anyconnect-win-2.5.2014-k9.pkg
139 2119 Jun 01 2013 13:02:30 8_2_5_0_startup_cfg.sav
140 28672 Jan 01 1980 00:00:00 FSCK0002.REC
141 2048 Jan 01 1980 00:00:00 FSCK0003.REC
142 200 Aug 14 2013 02:57:50 upgrade_startup_errors_201308140257.log
143 25251840 May 08 2013 20:07:20 asa844-5-k8.bin
128573440 bytes total (11132928 bytes free)
Is this a bug?
Regards
Mahesh
09-17-2013 11:25 PM
Hi Mahesh,
I think the ASA clears its configurations when you change it to Transparent Mode.
This means it also probably removes the following command
boot system flash:/
As you can see, your ASA has now booted with a different software level, that is 8.2. This is probably because no "boot system" command has been issued and the 8.2 software image file is on the ASA Flash before the newer software version file, and therefore gets booted instead of the new software.
Between the 2 software versions we see in the above output there is a difference in how Transparent firewall is configured. So I would suggest starting with defining the "boot system" command to use the new software, saving the configuration, booting the device and then trying again.
- Jouni
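A check for the situation described in this reply, as an added example that is not part of the original post or any Cisco tooling: it reads `show version`, `show boot` and `show flash` output and reports when the BOOT variable is empty and the running image is older than another image on flash. The sample text is trimmed from the outputs posted above; the function names, the `disk0:/` path match and the file-name version parsing (single-digit version fields) are assumptions.

```python
import re

# Constructed sample input, trimmed from the outputs posted in this thread.
SHOW_VERSION = '''Cisco Adaptive Security Appliance Software Version 8.2(5)
System image file is "disk0:/asa825-k8.bin"
'''
SHOW_BOOT = '''BOOT variable =
Current BOOT variable =
'''
SHOW_FLASH = '''--#--  --length--  -----date/time------  path
128  15390720    Mar 04 2013 13:24:38  asa825-k8.bin
129  17989292    May 08 2013 20:06:48  asdm-712.bin
131  27260928    May 08 2013 20:07:52  asa911-k8.bin
143  25251840    May 08 2013 20:07:20  asa844-5-k8.bin
'''

# Assumption: image names look like asa<maj><min><maint>[-<interim>]-k8.bin
IMAGE_RE = re.compile(r"^asa(\d)(\d)(\d)(?:-(\d+))?-k8\.bin$")

def image_version(name):
    """Version tuple from a file name, e.g. asa844-5-k8.bin -> (8, 4, 4, 5)."""
    m = IMAGE_RE.match(name)
    if not m:
        return None
    return tuple(int(g) for g in m.groups(default="0"))

def flash_images(show_flash):
    """ASA software images in the order 'show flash' lists them."""
    names = [line.split()[-1] for line in show_flash.splitlines() if line.split()]
    return [n for n in names if image_version(n)]

def audit(show_version, show_boot, show_flash):
    """Compare the running image with the BOOT variable and the flash contents."""
    running = re.search(r'System image file is "disk0:/([^"]+)"', show_version).group(1)
    m = re.search(r"^Current BOOT variable =[ \t]*(\S*)", show_boot, re.M)
    boot_var = m.group(1) if m else ""
    images = flash_images(show_flash)
    newest = max(images, key=image_version)
    findings = []
    if not boot_var:
        findings.append("no 'boot system' configured; first image listed is " + images[0])
    if image_version(running) < image_version(newest):
        findings.append(f"running {running} but {newest} is on flash")
    return {"running": running, "newest": newest,
            "boot_var": boot_var, "findings": findings}

if __name__ == "__main__":
    for finding in audit(SHOW_VERSION, SHOW_BOOT, SHOW_FLASH)["findings"]:
        print("WARNING:", finding)
```

Running the same check after any `write erase` or firewall-mode change catches a device that has silently fallen back to an older image.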
09-18-2013 07:06 AM
Hi Jouni,
The sh boot command output was blank.
So it seems the config register 0x1 means that if no boot file is configured, the ASA picks the first available image from flash, in which case it picked 8.2?
Thanks for the reply. I did that and saved the config, and now the ASA is working fine in transparent mode.
Regards
Mahesh
Message was edited by: mahesh parmar