September 14, 2012
NOTICE:
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision History
Revision Date Comment
Products Affected
Products Affected
Problem Description
ASA 5500-X security appliances that shipped from March 16, 2012 through June 11, 2012 contain the incorrect factory default configuration. This requires the user to follow special procedures for system initialization.
Background
The ASA 5500-X appliances shipped from March 16, 2012 through June 11, 2012 were not loaded with the correct factory default configuration and must be initialized using special commands. The procedures contained in the Quick Start Guide are insufficient to properly initialize the affected units.
Problem Symptoms
Users attempting to initialize the affected ASA 5500-X appliances using the Quick Start Guide will observe that the management 0/0 ports are in the down/down condition. In addition, ASDM for on box management is not accessible.
Workaround/Solution
The factory default configuration can be applied using the following command:
asa# config factory-default
Note that the ASA 5515-X appliance does not support the command above due to Cisco bug ID CSCtz73669. The unit must be restored to the factory default configuration using the command series shown below.
asa# config t
clear config all
!
interface management0/0
nameif management
ip address 192.168.1.1 255.255.255.0
security-level 100
no shutdown
!
http server enable
http 192.168.1.0 255.255.255.0 management
!
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
!
logging asdm informational
How To Identify Hardware Levels
All ASA 5500-X security appliances that shipped from March 16, 2012 through June 11, 2012 are affected.
The chassis serial number can be obtained by using either the CLI or through visual inspection of the ASA 5500-X appliance as shown below.
1) Using the Command Line Interface (CLI) - For appliances running ASA 8.6.1.2 and later, obtain the chassis serial number of the appliance using the show inventory command:
asa# show inventory
Name: "Chassis", DESCR: "ASA5525-X with SW, 8 GE Data, 1 GE Mgmt, AC"
PID: ASA5525 , VID: V01 , SN:FTX1234ABCD
2) Visual inspection of the ASA 5500-X appliance - The chassis serial number label is located on the rear of the appliance. This method must be used if the unit is running ASA 8.6.1.1. The chassis serial number may also be referenced on the sales order documentation.
Please use the following link to validate your ASA 5500-X appliance serial number(s).
Cisco Serial Number Validation Tool
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.