Cisco ASA 9.2 on Cisco ASA 5505 with Unsupported Memory Configuration Fail

EDIT: 16/11/2015 – It looks like it now works. I am currently running asa924-2-k8.bin on my 5505s, with my 1GB sticks of RAM, and it hasn’t complained! 🙂

The Cisco ASA 5505 officially supports a maximum of 512MB RAM.

Last year I wrote a post detailing a small experiment I done where I upgrade both my Cisco ASA 5505s to use 1GB sticks of RAM, double the officially supported value.

Since then, it has worked great and both boxes have been chilling out in my rack, but recently Cisco released ASA 9.2.

The full list of new features and changes can be read in the release notes, but the feature I was most excited about was BGP support being added.

The ASA has had OSPF support for some time, but it was lacking BGP, which I always thought was a feature it should have. Now that it has been added, I was quite excited to play with it!

So I grabbed the latest 9.1 image (asa921-k8.bin), and dropped it on both my ASAs. Switched the bootloader configuration to load the new image. Next I reloaded the secondary device, and waited for it to come back up. Half an hour later, nothing. So I connected a serial cable to see what’s up, and to my surprise I find that it not doing anything. It’s just stuck saying:

Loading disk0:/asa921-k8.bin...

Initially I wasn’t really sure what was causing this, so I tried switching out the RAM and putting the stock 512MB stick that I got with the box, and magic! It worked.

I’m quite disappointed that my 1GB sticks won’t work with 9.2, but it’s not a huge loss. My Cacti graphs I only use around 300MB anyway!

Memory Usage on my Cisco ASA 5505s
Memory Usage on my Cisco ASA 5505s

I’m going to have to buy a 512MB stick for my secondary ASA, as now they refuse to be in a failover configuration due to having different software versions and different memory sizes.

Alternatively, I’m thinking of just replacing these boxes with something else. My ISP (Virgin Media) will be upgrading my line to 152Mbit/s later this year. The ASA 5505 only has 100Mbit ports so I will be losing 52Mbits! I don’t want that, so I’ll have to get something faster. I’ll probably either go with just a custom Linux box with IPtables, or maybe a virtual ASA now that Cisco offers that! 🙂

Home Lab: Added a Cisco 3845 ISR

Why? Well, I wanted more ISRs in my home lab.

That, plus my ISP (Virgin Media), will be upgrading my line from 120mbit to 152mbit in the second half of 2014. Looking at the Cisco docs, the 2851 ISR I am using can only do up to around 112mbit/s.

Although there is a long time for my ISP to go forward with this upgrade, I saw the 3845 going reasonably cheap on eBay, cheaper than what I expect it will be next year when my ISP WILL have upgraded my line. So, I decided to just buy it now. 🙂

I am really starting to have a problem with space for my home lab.  My rack is already pretty much fully populated, so I now have equipment on top of, and surrounding my rack. I don’t really have space for a second rack at the moment, so it looks like I can’t expand my lab any more for a while. Oh well. 🙁

Moving Back to London and Virgin Media

Two weeks ago, I moved back to London.

At my place in Cambridge, I had a 100mbit connection from Virgin Media, which I wanted to cancel as my parents already have a connection from Virgin Media so there wasn’t any need for me to move mine along with me!

So I called up VM, and they informed me that as I was still in contract, I would have to pay some ridiculous amount to cancel the contract (I think it may have been £280).

Alternatively, the other option was one which I was not aware of!

Usually, Virgin Media do not allow people to have two connections from them under a single address, BUT, in cases such as mine, they allow it!

So, instead of paying £280 or whatever it was, I decided it’d work out much cheaper if I just move my connection with me. It’d be nice to have anyway! 🙂

Today, the Virgin Media guys arrived at my house. Their first reaction was shock at seeing my server rack, but they were pretty nice guys. I did have to explain what I use all this equipment for, and had to explain how terrible the SuperHub actually is! 🙂

They didn’t really have to do much, they just really had to add a splitter and give me two new coax cables going from the splitter to the two modems. They did mention their frustration at VirginMedia about having to do installations for the more technical people when those technical people could really just do it themselves, and I totally agree! 😀

For some reason, they had to switch out my old SuperHub, and gave me a new one which has a matt-finish instead of the glossy look my old one had. I’m not sure if there is any other difference other than that, not that I care, I enabled modem mode ASAP so I don’t have to deal with this terrible device too much. 🙂

I was a little worried that I might not get the full bandwidth on both connections, but it looks like I am!

Next steps are to figure out how to do load-balancing on my Cisco 2821 ISR.

Virgin Media Cable Wall Outlet Two way splitter VirginMedia SuperHub and other goodies