THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision | Publish Date | Comments |
---|---|---|
1.0
|
12-Sep-12
|
Initial Release
|
10.0
|
11-Oct-17
|
Migration to new field notice system
|
10.1
|
19-Mar-19
|
Updated the Defect Information Section
|
Affected Product ID | Comments |
---|---|
ASA5512-IPS-K8
|
|
ASA5512-IPS-K9
|
|
ASA5512-K7
|
|
ASA5512-K8
|
|
ASA5512-K9
|
|
ASA5515-IPS-K8
|
|
ASA5515-IPS-K9
|
|
ASA5515-K7
|
|
ASA5515-K8
|
|
ASA5515-K9
|
|
ASA5525-CU-K9
|
|
ASA5525-IPS-K8
|
|
ASA5525-IPS-K9
|
|
ASA5525-K7
|
|
ASA5525-K8
|
|
ASA5525-K9
|
|
ASA5545-CU-2AC-K9
|
|
ASA5545-IPS-K8
|
|
ASA5545-IPS-K9
|
|
ASA5545-K7
|
|
ASA5545-K8
|
|
ASA5545-K9
|
|
ASA5555-CU-2AC-K9
|
|
ASA5555-IPS-K8
|
|
ASA5555-IPS-K9
|
|
ASA5555-K7
|
|
ASA5555-K8
|
|
ASA5555-K9
|
Defect ID | Headline |
---|---|
CSCvf34445 | There were no defects filed with this field notice at the time of publication. |
ASA 5500-X security appliances that shipped from March 16, 2012 through June 11, 2012 contain the incorrect factory default configuration. This requires the user to follow special procedures for system initialization.
The ASA 5500-X appliances shipped from March 16, 2012 through June 11, 2012 were not loaded with the correct factory default configuration and must be initialized using special commands. The procedures contained in the Quick Start Guide are insufficient to properly initialize the affected units.
Users attempting to initialize the affected ASA 5500-X appliances using the Quick Start Guide will observe that the management 0/0 ports are in the down/down condition. In addition, ASDM for on box management is not accessible.
The factory default configuration can be applied using the following command:
asa# config factory-default
Note that the ASA 5515-X appliance does not support the command above due to Cisco bug ID CSCtz73669. The unit must be restored to the factory default configuration using the command series shown below.
asa# config t
clear config all
!
interface management0/0
nameif management
ip address 192.168.1.1 255.255.255.0
security-level 100
no shutdown
!
http server enable
http 192.168.1.0 255.255.255.0 management
!
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
logging asdm informational
All ASA 5500-X security appliances that shipped from March 16, 2012 through June 11, 2012 are affected.
The chassis serial number can be obtained by using either the CLI or through visual inspection of the ASA 5500-X appliance as shown below.
1) Using the Command Line Interface (CLI) - For appliances running ASA 8.6.1.2 and higher, obtain the chassis serial number of the appliance using the show inventory command:
asa# show inventory
Name: "Chassis", DESCR: "ASA5525-X with SW, 8 GE Data, 1 GE Mgmt, AC"
PID: ASA5525 , VID: V01 , SN:FTX1234ABCD
2) Visual inspection of the ASA 5500-X appliance - The chassis serial number label is located on the rear of the appliance. This method must be used if the unit is running ASA 8.6.1.1. The chassis serial number may also be referenced on the sales order documentation.
Please use the following link to validate your ASA 5500-X appliance serial number(s).
Cisco Serial Number Validation Tool
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.