ASA 5506 Can't access To ROMMON

khalidanahi
Level 1

Hello Everyone.

Due to a technical problem (electricity), the firewall suddenly stopped and no longer wants to start. I had to reset it with ROMMON; after restarting, the following message is displayed:

Rom image verified correctly


Cisco Systems ROMMON, Version 1.1.8, RELEASE SOFTWARE
Copyright (c) 1994-2015 by Cisco Systems, Inc.
Compiled Thu 06/18/2015 12:15:56.43 by builders


Current image running: Boot ROM0
Last reset cause: LocalSoft
DIMM Slot 0 : Present

Platform ASA5506 with 4096 Mbytes of main memory
MAC Address: f8:0b:cb:f8:0a:a6


INFO: PASSWORD RECOVERY functionality is disabled.
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.

WARNING: Password recovery and ROMMON command line access has been
disabled by your security policy. Answering YES below will cause ALL
configurations, passwords, images in 'disk0:' to be erased.
ROMMON command line access will be re-enabled, and a new image must be
downloaded via ROMMON.

Permanently erase 'disk0:'?Yes 

media drive disk0: not present
Attempt autoboot: "boot disk0:"
media drive disk0: not present
boot: cannot determine first file name on device "disk0:"
autoboot: All boot attempts have failed.
autoboot: Restarting the system.

I changed the SSD disk from another broken firewall, and still the same problem.

I can't access ROMMON.

Help Please.

6 Replies

Leo Laohoo
Hall of Fame

@khalidanahi wrote:
INFO: PASSWORD RECOVERY functionality is disabled.

WARNING: Password recovery and ROMMON command line access has been
disabled by your security policy. Answering YES below will cause ALL
configurations, passwords, images in 'disk0:' to be erased.
ROMMON command line access will be re-enabled, and a new image must be
downloaded via ROMMON.


I hope someone has backed up the config because the person who disabled password-recovery (without realizing what it can do) deserves a medal.  

Unfortunately, the person who did this is gone, I have no config worries, I just want to start the firewall to exploit it

If you do the password-recovery, the config gets erased.

"no service password-recovery" can easily be abused by any disgruntled staff member, because it is comically easy to turn on.

khalidanahi
Level 1

Hello everyone.

Could someone help me?

khalidanahi
Level 1

Hello Leo 

Thank you for your reply.
Bah, yes, it's easy to activate and the result can be seen.
By the way, I want to start the firewall to exploit it; I don't care about the config.
