Upgrading Cisco ASA5505

SOURCE: http://www.cisco.com/c/en/us/td/docs/security/asa/asa93/upgrade/upgrade93.html

REQUIREMENT:
-Please backup current config before doing anything
-Download and install
SolarWind tftp http://www.solarwinds.com/products/freetools/free_tftp_server.aspx or
tftpd64 http://tftpd32.jounin.net/tftpd32_download.html or
Serva 32/64 http://www.vercot.com/~serva/download.html

-Download from Cisco
Cisco ASA5505 firmware
asdm-731-101.bin
anyconnect-win-3.1.05187-k9.pkg
anyconnect-macosx-i386-3.1.05187-k9.pkg
anyconnect-linux-64-3.1.05187-k9.pkg
rdp02.24.2014.jar
ssh.12.21.2013.jar
vnc.12.21.2013.jar

Check current version
# show version
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 6.4(5)
Compiled on Fri 20-May-11 16:00 by builders
System image file is “disk0:/asa825-k8.bin”
Config file at boot was “startup-config”
ciscoasa up 27 secs
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-5505 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Int: Internal-Data0/0 : address is 4c4e.3591.c2e3, irq 11
1: Ext: Ethernet0/0 : address is 4c4e.3591.c2db, irq 255
2: Ext: Ethernet0/1 : address is 4c4e.3591.c2dc, irq 255
3: Ext: Ethernet0/2 : address is 4c4e.3591.c2dd, irq 255
4: Ext: Ethernet0/3 : address is 4c4e.3591.c2de, irq 255
5: Ext: Ethernet0/4 : address is 4c4e.3591.c2df, irq 255
6: Ext: Ethernet0/5 : address is 4c4e.3591.c2e0, irq 255
7: Ext: Ethernet0/6 : address is 4c4e.3591.c2e1, irq 255
8: Ext: Ethernet0/7 : address is 4c4e.3591.c2e2, irq 255
9: Int: Internal-Data0/1 : address is 0000.0003.0002, irq 255
10: Int: Not used : irq 255
11: Int: Not used : irq 255
Licensed features for this platform:
Maximum Physical Interfaces : 8
VLANs : 3, DMZ Restricted
Inside Hosts : 10
Failover : Disabled
VPN-DES : Enabled
VPN-3DES-AES : Enabled
SSL VPN Peers : 2
Total VPN Peers : 10
Dual ISPs : Disabled
VLAN Trunk Ports : 0
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
This platform has a Base license.
Serial Number: JMX1711Z145
Running Activation Key: 0xf22ec473 0x4c0370a8 0xa472ada0 0x8fa8142c 0x09031bab
Configuration register is 0x1
Configuration has not been modified since last system restart.

# show flash:
–#– –length– —–date/time—— path
104 15390720 Mar 14 2013 12:01:34 asa825-k8.bin
105 26624 Jan 01 1980 00:00:00 FSCK0000.REC
13 2048 Mar 14 2013 12:03:04 coredumpinfo
14 43 Mar 14 2013 12:03:04 coredumpinfo/coredump.cfg
106 16280544 Mar 14 2013 12:03:48 asdm-645.bin
3 2048 Mar 14 2013 12:08:58 log
12 2048 Dec 31 2013 23:38:30 crypto_archive
116 394148 Dec 30 2013 07:01:30 crypto_archive/crypto_eng0_arch_1.bin
117 394148 Dec 31 2013 23:38:30 crypto_archive/crypto_eng0_arch_2.bin
108 2048 Jan 01 1980 00:00:00 FSCK0001.REC
109 12998641 Mar 14 2013 12:09:46 csd_3.5.2008-k9.pkg
110 2048 Mar 14 2013 12:09:48 sdesktop
120 1462 Mar 14 2013 12:09:48 sdesktop/data.xml
111 6487517 Mar 14 2013 12:09:50 anyconnect-macosx-i386-2.5.2014-k9.pkg
112 6689498 Mar 14 2013 12:09:54 anyconnect-linux-2.5.2014-k9.pkg
113 4678691 Mar 14 2013 12:09:56 anyconnect-win-2.5.2014-k9.pkg
114 26624 Jan 01 1980 00:00:00 FSCK0002.REC
115 2048 Jan 01 1980 00:00:00 FSCK0003.REC
127004672 bytes total (63283200 bytes free)

# copy tftp://192.168.88.101/asa922-4-k8.bin disk9:/asa922-4-k8.bin

# sh flash:
–#– –length– —–date/time—— path
104 15390720 Mar 14 2013 12:01:34 asa825-k8.bin
105 26624 Jan 01 1980 00:00:00 FSCK0000.REC
13 2048 Mar 14 2013 12:03:04 coredumpinfo
14 43 Mar 14 2013 12:03:04 coredumpinfo/coredump.cfg
106 16280544 Mar 14 2013 12:03:48 asdm-645.bin
3 2048 Mar 14 2013 12:08:58 log
12 2048 Dec 31 2013 23:38:30 crypto_archive
118 394148 Dec 30 2013 07:01:30 crypto_archive/crypto_eng0_arch_1.bin
119 394148 Dec 31 2013 23:38:30 crypto_archive/crypto_eng0_arch_2.bin
108 2048 Jan 01 1980 00:00:00 FSCK0001.REC
109 12998641 Mar 14 2013 12:09:46 csd_3.5.2008-k9.pkg
110 2048 Mar 14 2013 12:09:48 sdesktop
121 1462 Mar 14 2013 12:09:48 sdesktop/data.xml
111 6487517 Mar 14 2013 12:09:50 anyconnect-macosx-i386-2.5.2014-k9.pkg
112 6689498 Mar 14 2013 12:09:54 anyconnect-linux-2.5.2014-k9.pkg
113 4678691 Mar 14 2013 12:09:56 anyconnect-win-2.5.2014-k9.pkg
114 26624 Jan 01 1980 00:00:00 FSCK0002.REC
115 2048 Jan 01 1980 00:00:00 FSCK0003.REC
123 30468096 Oct 18 2014 01:30:40 asa922-4-k8.bin

Check current boot image

# show running-config boot system
-remove any existing boot configuration af any
hostname(config)# no boot system disk0:/cdisk.bin
hostname(config)# no boot system disk0:/asa825-k8.bin

Change boot to new image
(config)# boot system disk0:/asa922-4-k8.bin
(config)# end

Delete old asa825-k8.bin files
# delete flash:/asa825-k8.bin
Delete filename [asa825-k8.bin]?
Delete disk0:/asa825-k8.bin? [confirm]

Upgrade ASDM

# copy tftp://192.168.88.101/asdm-731-101.bin disk0:/asdm-731-101.bin
(config)# asdm image disk0:/asdm-731-101.bin

Delete old ASDM
# delete flash:/asdm-645.bin
Delete filename [asdm-645.bin]?
Delete disk0:/asdm-645.bin? [confirm]

Upgrade anyconnect files too
anyconnect-win-3.1.05187-k9.pkg
anyconnect-macosx-i386-3.1.05187-k9.pkg
anyconnect-linux-64-3.1.05187-k9.pkg

Import plugin
(config)#import webvpn plug-in protocol ssh,telnet tftp://192.168.88.101/ssh.12.21.2013.jar
(config)# import webvpn plug-in protocol vnc tftp://192.168.88.101/vnc.12.21.2013.jar
(config)# import webvpn plug-in protocol rdp tftp://192.168.88.101/rdp02.24.2014.jar
# wr
# reload
# sh ver
Cisco Adaptive Security Appliance Software Version 9.2(2)4
Device Manager Version 7.3(1)101
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s