This section explains the firmware upgrade procedure in Cisco ASA 5545 Firewall
- Download and Copy the Cisco ASA 5545 firmware files to host (computer/laptop) folder.
- Login to Firewall with Cisco console cable and USB-to-Serial DB9 converter and Enter “Username” and “Password” at the login prompt to log in to switch.
- Enter enable password to get into configuration mode.
- Establish a direct connection to firewall “Management0/0” from the host (computer/laptop) by configuring the below IP settings in it. Laptop/Host Computer IP: 192.168.1.2
Subnet Mask: 255.255.255.252
- Check for reachability from host to ASA firewall and vice versa.
ping 192.168.1.2 from Firewall and 192.168.1.1 from Laptop.
INB_ASA5545# ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
—————————————————————————————————————————————–
ping 192.168.1.1 from Host Command prompt.
C:\Users\Inb>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time=1ms TTL=255
Reply from 192.168.1.1: bytes=32 time<1ms TTL=255
Reply from 192.168.1.1: bytes=32 time<1ms TTL=255
Reply from 192.168.1.1: bytes=32 time<1ms TTL=255
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
6. Check for Memory space in firewall to upload the ASA Firmware file.
“show flash” or “dir” or “show disk0:”
INB_ASA5545# sh flash:
–#– –length– —–date/time—— path
12 4096 Mar 30 2017 20:59:34 log
<output omitted>
8238202880 bytes total (4777369600 bytes free)
You have enough memory to upload a firmware file to Firewall.
7. Before copying the firmware file to a firewall, you should run “tftp” server and select the firmware file which you want to upload to the device.
below window will appear when you open Tftp server and in Current directory browse to the folder where the firmware file is saved.
To verify that you selected the correct firmware file, Press the “Show Dir” button.
8. To copy Firmware to firewall now go to firewall command prompt and execute below command ;
INB_ASA5545# copy tftp://192.168.1.2 flash:asa984-10-smp-k8.bin
### in above command -asa984-10-smp-k8 is the firmware file name which I selected, this file name should match the firmware you selected in Browser and use .bin in the end to complete the command.)####
INB_ASA5545# copy tftp://192.168.1.2 flash:asa984-10-smp-k8.bin
Address or name of remote host [192.168.1.2 ]?
Source filename []? asa984-10-smp-k8.bin
Destination filename [asa984-10-smp-k8.bin]?
Accessing tftp://192.168.1.2 /asa984-10-smp-k8.bin…!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Verifying file disk0:/asa984-10-smp-k8.bin…
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa984-10-smp-k8.bin…
111550464 bytes copied in 74.760 secs (1507438 bytes/sec)
9. Verify boot variable to set the new firmware file to the boot system.
“show bootvar” or “show running-config boot system”
INB_ASA5545# sh bootvar
BOOT variable =
Current BOOT variable =
CONFIG_FILE variable =
Current CONFIG_FILE variable =
Here no firmware file set to bootvar,
Set the new firmware file to bootvar.
INB_ASA5545# config t
INB_ASA5545(config)# no boot system disk0:/file-name
INB_ASA5545(config)#
INB_ASA5545(config)# boot system disk0:/asa984-10-smp-k8.bin
10.Set ASDM file in Firewall to access firewall through GUI.
To set “ASDM” file
INB_ASA5545(config)# no asdm image disk0:/asdm-782-151.bin (delete the previous image to look file name which previous have to use Show Dir command in firewall )
INB_ASA5545(config)# asdm image disk0:/asdm-7122.bin
11. Reboot Firewall to install new firmware file.
INB_ASA5545#reload
Proceed with reload? [confirm] press Enter.
12. After reboot , to verify new firmware and ASDM version use below command
INB_ASA5545# sh version
Cisco Adaptive Security Appliance Software Version 9.8(4)10
Firepower Extensible Operating System Version 2.2(2.121)
Device Manager Version 7.12(2)
<output omitted>