Hi, I am new to ASA and I am trying to downloand a file from tftp server to ASA. I can ping my tftp server but I am unable to download it.

This is a lab/test environment. Please see the configs/logs attached. Any help will be appreciated.

Cheers, Aun

========Configs/Logs=========

ciscoasa# sh run

: Saved

:

ASA Version 8.4(2)

!

hostname ciscoasa

enable password 2KFQnbNIdI.2KYOU encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface GigabitEthernet0

nameif management

security-level 0

ip address 192.168.50.2 255.255.255.0

!

interface GigabitEthernet1

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet2

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet3

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet4

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet5

shutdown

no nameif

no security-level

no ip address

!

ftp mode passive

pager lines 24

logging enable

logging buffered debugging

mtu management 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

dynamic-access-policy-record DfltAccessPolicy

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet timeout 5

ssh 192.168.50.0 255.255.255.0 management

ssh timeout 5

console timeout 0

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

username cisco password 3USUcOPFUiMCO4Jk encrypted privilege 15

!

!

prompt hostname context

no call-home reporting anonymous

crashinfo save disable

Cryptochecksum:5d065a1797c80ef2a00214d4e450b86c

: end

ciscoasa#

ciscoasa#

ciscoasa# ping 192.168.50.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.50.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms

ciscoasa#

ciscoasa#

ciscoasa# copy tftp flash

Address or name of remote host []? 192.168.50.1

Source filename []? asdm-649-103.bin

Destination filename [asdm-649-103.bin]?

Accessing tftp://192.168.50.1/asdm-649-103.bin...

WARNING: TFTP download incomplete!

%Error reading tftp://192.168.50.1/asdm-649-103.bin (Unspecified Error)

ciscoasa#

ciscoasa# sh log

Syslog logging: enabled

    Facility: 20

    Timestamp logging: disabled

    Standby logging: disabled

    Debug-trace logging: disabled

    Console logging: disabled

    Monitor logging: disabled

    Buffer logging: level debugging, 62 messages logged

    Trap logging: disabled

    Permit-hostdown logging: disabled

    History logging: disabled

    Device ID: disabled

    Mail logging: disabled

    ASDM logging: disabled

User 'Config' executed the 'threat-detection statistics access-list' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'threat-detection statistics access-list'

%ASA-5-111008: User 'Config' executed the 'no threat-detection statistics tcp-intercept' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'no threat-detection statistics tcp-intercept'

%ASA-5-502101: New user added to local dbase: Uname: cisco Priv: 15 Encpass: 3USUcOPFUiMCO4Jk

%ASA-5-111008: User 'Config' executed the 'username cisco password * encrypted privilege 15' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'username cisco password * encrypted privilege 15'

%ASA-5-111008: User 'Config' executed the 'prompt hostname context' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'prompt hostname context'

%ASA-5-111008: User 'Config' executed the 'no call-home reporting anonymous' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'no call-home reporting anonymous'

%ASA-5-111008: User 'Config' executed the 'crashinfo save disable' command.

%ASA-5-111010: User 'Config', running 'N/A' from IP 0.0.0.0, executed 'crashinfo save disable'

%ASA-4-411001: Line protocol on Interface management, changed state to up

%ASA-4-713903: IKE reserved IPSec UDP port 10000 on interface management successfully

%ASA-6-720002: (VPN-Secondary) Starting VPN Stateful Failover Subsystem...

%ASA-6-720003: (VPN-Secondary) Initialization of VPN Stateful Failover Component completed successfully

%ASA-6-720004: (VPN-Secondary) VPN failover  main thread started.

%ASA-6-720005: (VPN-Secondary) VPN failover timer thread started.

%ASA-6-720006: (VPN-Secondary) VPN failover sync thread started.

%ASA-6-721001: (WebVPN-Secondary) WebVPN Failover SubSystem started successfully.

%ASA-4-411001: Line protocol on Interface GigabitEthernet0, changed state to up

%ASA-4-411001: Line protocol on Interface management, changed state to up

%ASA-6-713905: IKE port 10000 for IPSec UDP already reserved on interface management

%ASA-3-742001: failed to read master key for password encryption from persistent store

%ASA-6-199002: Startup completed.  Beginning operation.

%ASA-5-502103: User priv level changed: Uname: enable_15 From: 1 To: 15

%ASA-5-111008: User 'enable_1' executed the 'enable' command.

%ASA-7-111009: User 'enable_15' executed cmd: show interface ip brief

%ASA-7-111009: User 'enable_15' executed cmd: show running-config

%ASA-7-609001: Built local-host identity:192.168.50.2

%ASA-7-609001: Built local-host management:192.168.50.1

%ASA-6-302020: Built outbound ICMP connection for faddr 192.168.50.1/0 gaddr 192.168.50.2/30441 laddr 192.168.50.2/30441

%ASA-5-111008: User 'enable_15' executed the 'ping 192.168.50.1' command.

%ASA-5-111010: User 'enable_15', running 'CLI' from IP 0.0.0.0, executed 'ping 192.168.50.1'

%ASA-6-302021: Teardown ICMP connection for faddr 192.168.50.1/0 gaddr 192.168.50.2/30441 laddr 192.168.50.2/30441

%ASA-7-609002: Teardown local-host identity:192.168.50.2 duration 0:00:00

%ASA-7-609002: Teardown local-host management:192.168.50.1 duration 0:00:00

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-710005: UDP request discarded from 192.168.50.1/55299 to management:239.255.255.250/1900

%ASA-7-609001: Built local-host identity:192.168.50.2

%ASA-7-609001: Built local-host management:192.168.50.1

%ASA-6-302015: Built outbound UDP connection 2 for management:192.168.50.1/69 (192.168.50.1/69) to identity:192.168.50.2/46959 (192.168.50.2/46959)

%ASA-5-111008: User 'enable_15' executed the 'copy tftp flash' command.

ciscoasa#

ciscoasa#

===========END=============