https file upload to ASA flash

Alexander Hartmaier · ‎01-26-2010

Hi guys,

we want to automate the firmware and asdm file upload to our ton of ASAs but I can't find out the specifics.

I want to mimic ASDM which does a https post to fqdn/admin/disk0/filename-on-flash.

I found out that 'Content-Length' in the http header has to be set else the asa rejects the request as bad request.

My problem is that the upload stalls some bytes before finishing and then the connection times out.

SCP would be an option too if it didn't take nearly 80% cpu and is extremly slow, about 35kbytes/sec.

Thanks, Alex

Farrukh Haroon · ‎02-03-2010

I would suggest using SCP over HTTP. Its more secure and the CLI would give your more control.

I assume you don't have Cisco Security Manager in your environment (which could actually be good )

Regards

Farrukh

Alexander Hartmaier · ‎02-03-2010

SCP over HTTP doesn't exist.

Do you mean just SCP?

For whatever reason SCP leads to about 80% cpu usage and a speed of just 35kb/sec.

I've already reverse-engineered what ASDM does and can now upload files using https.

No we don't have CSM, after evaluation last year it didn't meet our needs besides its horrendous costs.

Farrukh Haroon · ‎02-03-2010

Sorry I meant that you should use 'scp' instead of 'http' as it is more secure. Did not know you were using HTTPS (and not regular HTTP).

Regards

Farrukh

Alexander Hartmaier · ‎02-03-2010

The ASA doesn't support HTTP, just HTTPS.

mistertom · ‎11-27-2024

There is an example of HTTPS file upload to ASA using curl here Cisco Secure Firewall ASA HTTP Interface for Automation - Cisco