Showing results for 
Search instead for 
Did you mean: 

asa 5520 can not reliably make changes to configuration

Level 1
Level 1

two 5520 in fail-over configuration

software version 8.2(2) device manager version 6.2(5)53

Creating vpn tunnels to basically identical devices has not worked reliably and im guessing that something is incorrect with the nat(0) statement.  So decided to reboot the asa and when it came backup, apparrently it had reverted to a default route from 11 weeks ago.  If i did a "sho route", it should the correct gateway, but if i did "sho run route" it showed the 11 week old gateway.  I deleted the 11 week old gateway and attempted to put in the correct gateway but it said that there was already an entry for that.  I turned both asa off and then powered on the primary first and was able to delete the route and put in the correct route.

I'm also having troubles deleteing vpn tunnels and when recreating the tunnel-group etc, it complains that the entry is already there.  Both the asdm and cli show the correct configuretion state when i delete things but only thru the cli will i get an error of the command already in place even though i deleted the configuration via cli or asdm.

I've been struggling with this for a while before deteremining that the configuration on asa doesn't appear to be updating correctly.

Thiis friday i am going to upgrade the ios to 8.2(23) to see what happens.

Thanks in advance for any input on this.

2 Replies 2

Panos Kampanakis
Cisco Employee
Cisco Employee

If the issue involved saving the config, then you could "fsck" the disk0: to format the flash.

Now if the problem is with the running config, hmmm...A TAC case would help.


Level 1
Level 1

I updated the asdm to 6.3(4) and updated software to 8.2(3).  I'm appear to be able to reliably make changes in both cli and asdm.

Review Cisco Networking for a $25 gift card