Support User Manuals

Cisco Systems IPS 7.1 Home Security System User Manual

Open as PDF

of 1042

C-62

Cisco Intrusion Prevention System CLI Sensor Configuration Guide for IPS 7.1

OL-19892-01

Appendix C Troubleshooting

Troubleshooting the ASA 5500 AIP SSM

Mod Status

--- ------------------

0 Up Sys

1 Shutting Down

****************************************************

asa(config)# show module

Mod Card Type Model Serial No.

--- -------------------------------------------- ------------------ -----------

0 ASA 5520 Adaptive Security Appliance ASA5520 P2A00000014

1 ASA 5500 Series Security Services Module-10 ASA-SSM-10 P2A0000067U

Mod MAC Address Range Hw Version Fw Version Sw Version

--- --------------------------------- ------------ ------------ ---------------

0 000b.fcf8.7bdc to 000b.fcf8.7be0 0.2 1.0(10)0 7.0(4)

1 000b.fcf8.0176 to 000b.fcf8.0176 0.2 1.0(10)0 5.1(0.1)S153.0

Mod Status

--- ------------------

0 Up Sys

1 Up

asa(config)#

If you have problems with reimaging the ASA 5500 AIP SSM, use the debug module-boot command

to see the output as the module boots. Make sure you have the correct IP address for the TFTP server

and you have the correct file on the TFTP server. Then use the hw-module module 1 recover command

again to reimage the module:

asa(config)# hw-module module 1 recover configure

Image URL [tftp://0.0.0.0/]: tftp://192.0.2.0/IPS-SSM-K9-sys-1.1-a-5.1-0.1.i$

Port IP Address [0.0.0.0]: 10.89.150.227

VLAN ID [0]:

Gateway IP Address [0.0.0.0]: 10.89.149.254

asa(config)# debug module-boot

debug module-boot enabled at level 1

asa(config)# hw-module module 1 recover boot

The module in slot 1 will be recovered. This may erase all configuration and all data on

that device and attempt to download a new image for it.

Recover module in slot 1? [confirm]

Recover issued for module in slot 1

asa(config)# Slot-1 140> Cisco Systems ROMMON Version (1.0(10)0) #0: Fri Mar 25 23:02:10

PST 2005

Slot-1 141> Platform ASA-SSM-10

Slot-1 142> GigabitEthernet0/0

Slot-1 143> Link is UP

Slot-1 144> MAC Address: 000b.fcf8.0176

Slot-1 145> ROMMON Variable Settings:

Slot-1 146> ADDRESS=10.89.150.227

Slot-1 147> SERVER=10.89.146.1

Slot-1 148> GATEWAY=10.89.149.254

Slot-1 149> PORT=GigabitEthernet0/0

Slot-1 150> VLAN=untagged

Slot-1 151> IMAGE=IPS-SSM-K9-sys-1.1-a-5.1-0.1.img

Slot-1 152> CONFIG=

Slot-1 153> LINKTIMEOUT=20

Slot-1 154> PKTTIMEOUT=4

Slot-1 155> RETRY=20

Slot-1 156> tftp IPS-SSM-K9-sys-1.1-a-5.1-0.1.img@10.89.146.1 via 10.89.149.254

Slot-1 157> TFTP failure: Packet verify failed after 20 retries

Slot-1 158> Rebooting due to Autoboot error ...

Slot-1 159> Rebooting....

Slot-1 160> Cisco Systems ROMMON Version (1.0(10)0) #0: Fri Mar 25 23:02:10 PST 2005

previous next