Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
708
Views
0
Helpful
2
Replies

do i need to install any software on new ASA firewall

Go to solution
LionKin1984
Level 1
Level 1

‎02-06-2014 03:09 AM - edited ‎03-11-2019 08:41 PM

Hello Folks

I have just took a shining brand new ASA 5512-x firewall out of box this morning, question: -

do i need to install any software on it? i.e IOS image? Cisco Adaptive Security Device Manager?

or does ASA firewall come with all software already installed?

Thanks

I have been practising ASA using GNS3, this is my first time configuring a REAL ASA                  

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-06-2014 03:18 AM

Hi,

To be able to use the ASA you generally dont have to install any software (either OS or ASDM). Though I guess usually there is a certain software level to which the admin wants to set the firewall according to the existing production ASAs.

The ASAs usually come with software that isnt the very latest so in some cases you might want to load updated software to the device before starting to configure them.

You can use the following commands on the ASA CLI to get some information about the current situation

You can use this command to see if the OS and ASDM image files that are used in boot have been set

show run boot

show run asdm

If they are not set then you can check the Flash memory for what images you have available (though usually I guess its only 1 of each)

dir flash:

You can naturally also use the following command to show the current software versions used when the ASA has booted

show version

They should be pretty early in the output.

I imagine that generally you can keep the ASDM version always at the newest version no matter what OS the ASA is using. Naturally going to the newest ASDM version is not always needed.

You can check the following page for the Release Notes of the ASA software and look what has been added or changed on each software version

http://www.cisco.com/en/US/docs/security/asa/roadmap/asa_new_features.html

I have not had that good expiriences of always moving to the latest softwares. Last time our ASA came unusable. Usually the reason to update is getting support for new features or fixing a bug in the current software.

But as I mentioned, to be able to use the ASA you dont HAVE to install any software as each ASA comes with the OS and ASDM imagine files so they should be ready to use. Naturally they come with some default configuration you probably wont use. I usually start by clearing the configurations on the CLI and then configure what I need.

Hope this helps

- Jouni

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-06-2014 03:18 AM

Hi,

To be able to use the ASA you generally dont have to install any software (either OS or ASDM). Though I guess usually there is a certain software level to which the admin wants to set the firewall according to the existing production ASAs.

The ASAs usually come with software that isnt the very latest so in some cases you might want to load updated software to the device before starting to configure them.

You can use the following commands on the ASA CLI to get some information about the current situation

You can use this command to see if the OS and ASDM image files that are used in boot have been set

show run boot

show run asdm

If they are not set then you can check the Flash memory for what images you have available (though usually I guess its only 1 of each)

dir flash:

You can naturally also use the following command to show the current software versions used when the ASA has booted

show version

They should be pretty early in the output.

I imagine that generally you can keep the ASDM version always at the newest version no matter what OS the ASA is using. Naturally going to the newest ASDM version is not always needed.

You can check the following page for the Release Notes of the ASA software and look what has been added or changed on each software version

http://www.cisco.com/en/US/docs/security/asa/roadmap/asa_new_features.html

I have not had that good expiriences of always moving to the latest softwares. Last time our ASA came unusable. Usually the reason to update is getting support for new features or fixing a bug in the current software.

But as I mentioned, to be able to use the ASA you dont HAVE to install any software as each ASA comes with the OS and ASDM imagine files so they should be ready to use. Naturally they come with some default configuration you probably wont use. I usually start by clearing the configurations on the CLI and then configure what I need.

Hope this helps

- Jouni

0 Helpful

Go to solution
LionKin1984
Level 1
Level 1
In response to Jouni Forss

‎02-06-2014 03:33 AM

Thanks a lot Jouni. Much Appreciated!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card