Cisco ASA 9.2 on Cisco ASA 5505 With Unsupported Memory Configuration Fail
The Cisco ASA 5505 officially supports a maximum of 512MB RAM.
Last year I wrote a post detailing a small experiment I done where I upgrade both my Cisco ASA 5505s to use 1GB sticks of RAM, double the officially supported value.
Since then, it has worked great and both boxes have been chilling out in my rack, but recently Cisco released ASA 9.2.
The full list of new features and changes can be read in the release notes, but the feature I was most excited about was BGP support being added.
The ASA has had OSPF support for some time, but it was lacking BGP, which I always thought was a feature it should have. Now that it has been added, I was quite excited to play with it!
So I grabbed the latest 9.1 image (
asa921-k8.bin), and dropped it on both my ASAs. Switched the bootloader configuration to load the new image. Next I reloaded the secondary device, and waited for it to come back up. Half an hour later, nothing. So I connected a serial cable to see what’s up, and to my surprise I find that it not doing anything. It’s just stuck saying:
Initially I wasn’t really sure what was causing this, so I tried switching out the RAM and putting the stock 512MB stick that I got with the box, and magic! It worked.
I’m quite disappointed that my 1GB sticks won’t work with 9.2, but it’s not a huge loss. My Cacti graphs I only use around 300MB anyway!
I’m going to have to buy a 512MB stick for my secondary ASA, as now they refuse to be in a failover configuration due to having different software versions and different memory sizes.
Alternatively, I’m thinking of just replacing these boxes with something else. My ISP (Virgin Media) will be upgrading my line to 152Mbit/s later this year. The ASA 5505 only has 100Mbit ports so I will be losing 52Mbits! I don’t want that, so I’ll have to get something faster. I’ll probably either go with just a custom Linux box with IPtables, or maybe a virtual ASA now that Cisco offers that! 🙂