Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2788
Views
0
Helpful
2
Replies

Unable to copy software onto ASA 5505

grischast
Level 1
Level 1

‎03-16-2012 04:48 AM - edited ‎03-11-2019 03:43 PM

Dear all

Since we use SSL-VPN a lot on a customers ASA 5505 I just wanted to copy

asa825-26-k8.bin onto the device.

The process starts normally, prints a lot of !!!!!!!! and then cancels with

%Error writing disk0:/asa825-26-k8.bin (Cannot allocate memory)

I have deleted a lot of junk from the flash and things did not change. Since I have expected some filesystem error i have then reformatted disk0: sucessfully. Guess what, I still cannot copy any software image to the device.

Well, then I have found

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml

saying that we simply do not have enough free memory (RAM).

#sh mem det                                  

Free memory:                      49264352 bytes (18%)

Used memory:

     Allocated memory in use:    128731424 bytes (48%)

     Reserved memory:             90439680 bytes (34%)

-----------------------------   ----------------

Total memory:                    268435456 bytes (100%)

Dynamic Shared Objects(DSO):          0 bytes

Least free memory:       39704392 bytes (15%)

Most used memory:       228731064 bytes (85%)

MEMPOOL_DMA POOL STATS:

Non-mmapped bytes allocated =   39583744

Number of free chunks       =         75

Number of mmapped regions   =          0

Mmapped bytes allocated     =          0

Max memory footprint        =   39583744

Keepcost                    =    8095592

Max contiguous free mem     =    8095592

Allocated memory in use     =   31384616

Free memory                 =    8199128

OK, now the problem is quite urgent since there is absolutely no software on the ASA and in case of a power loss or some other problem we are lost.

I have already followed the hints

no threat-detection basic-threat

no threat-detection statistics tcp-intercept

no threat-detection statistics

webvpn

no enable outside

But nothing changes in respect to the free memory.

Urgent questions:

1. How do we get a software image back onto the device?

2. I could simply prepare another device and replace it with minimum downtime. BUT: How do we get Security Plus license and SSL VPN license onto the new device prior the replacement?

Thanks for any hint,

Grischa

Labels:
0 Helpful
2 Replies 2

grischast
Level 1
Level 1

‎03-16-2012 02:59 PM

Well, in case anyone is ending up in the same annoying situation....

I have cleared all the webvpn configuration and then - yeah - the device was willing to release some memory at last.

And it appeared to be enough to copy a current software image back onto the flash disk.

But I think the default 256MByte RAM of the older 5505 devices and even the 128MByte flash are way too small if it comes to webvpn. I have tried around with a spare device and with current 8.2.5-26 it is impossible to install the anyconnect-3-svc-images or a couple of anyconnect-2-images.

Grischa

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to grischast

‎03-17-2012 08:33 AM

Yes, memory on older devices is too small when you start loading in latest software and supporting files. That's why Cisco has more memory (512 MB now on ASA 5505) on all newer shipments of those devices and all new platforms.

At some point, you should look at an upgrade to a current hardware platform. You are running the smallest ASA with the least amount of memory. Cisco hasn't announced a direct replacement for the 5505 but the 5525-X is very nice in comparison to the 5520 it replaced. Much higher performance and lots of memory. See the data sheet.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card