Solved: Re: Cisco 5510 ASA configuration issues

allsoulsknight · ‎03-10-2018

Greetings all!

I'm currently trying to upgrade the IOS of a 5510 ASA by using SolarWinds TFTP server on an isolated workstation that is connected to the management port of the ASA via straight-through cable.

I've verified the management interface is up/up with an IP address properly configured, and the workstation in question's NIC is configured with an IP address in the same subnet. The issue that arose is that I couldn't verify connectivity between the two devices. When I attempted a ping from the workstation to the ASA's IP address, the command prompt showed a "destination unreachable" from the IP address of the NIC. When I attempted to ping the workstation's IP address from the ASA, it simply displayed "No route to host".

I've been unsuccessful in configuring a static route between the two, as whenever I input "Route ?" from global config it shows:

configure mode commands/options:[blank space here]

current available interface(s):[blank space here]

How can I go about enabling the management port, or any of the Ethernet ports for that matter, to route to the workstation I've loaded the IOS file to?

Thanks!

johnd2310 · ‎03-10-2018

Hi,

What is the configuration of the management network? You should have something like this

interface Management0/0
nameif mgmt
security-level 100
ip address 192.168.1.1 255.255.255.0
no shutdown

and the workstation will have ip address 192.168.1.2 255.255.255.0 and default gateway 192.168.1.1

If you are connecting the workstation directly to the management interface, you do not need to configure a static route to the workstation because they are directly connected.

Thanks

John

**Please rate posts you find helpful**

View solution in original post

johnd2310 · ‎03-10-2018

Hi,

What is the configuration of the management network? You should have something like this

interface Management0/0
nameif mgmt
security-level 100
ip address 192.168.1.1 255.255.255.0
no shutdown

and the workstation will have ip address 192.168.1.2 255.255.255.0 and default gateway 192.168.1.1

If you are connecting the workstation directly to the management interface, you do not need to configure a static route to the workstation because they are directly connected.

Thanks

John

**Please rate posts you find helpful**

allsoulsknight · ‎03-13-2018

John,

I think it was the security level bit that I was missing. I'm CCENT certified and working towards CCNA R&S so I know a fair bit about configuring Routers and Switches, but I was learning as I went along with the ASA device so that part completely flew over my head.

The only other differences between what you suggested and what I had previously was the IP addresses (the workstation was 10.1.1.1 /24 and the ASA was 10.1.1.2 /24) and I hadn't named the interface itself.

Thanks for your help!

Dennis Mink · ‎03-11-2018

have you tried:

copy tftp://x.x.x.x/filename;int=management flash:

run wireshark on you tftp server to see if the tftp request actually hits it from the asa

Please remember to rate useful posts, by clicking on the stars below.