This document describes the errors that can occur because of Cisco ASA flash corruption and points to possible solutions.
There are no specific requirements for this document.
The information in this document is based on these software and hardware versions:
Cisco ASA 5500 series with software version 8.0 and later
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Cisco ASA maintains its filesystem in an internal flash memory and stores all the files in flash memory. This is a memory card inserted into a slot in the ASA. The capacity of this depends on the ASA hardware model. Refer to the Technical Specifications section in Table 8 of Cisco ASA Data Sheet for more information. This memory is referred to as flash or disk0.
When additional flash memory is needed, you could use an external flash card. Except for the ASA 5505 model, all other ASA models in 5500 series have an external compact flash card slot on the rear end of the device, which can be accessed by the user easily without the need to open the device. This flash card is also used to save the configuration files and referred to as disk1.
If the flash filesystem is properly accessed by the device and works properly, the device indicates this with a Solid Green on the Flash LED on the front panel of the device.
The contents of this filesystem can be verified with any of these commands:
dir —Displays the contents of the current directory.
Note: The default current directory is flash:/.
show flash: —Displays the contents of the internal flash memory.
show disk0 —Displays the contents of the internal flash memory.
show disk1 —Displays the contents of the external flash memory.
When there are issues with access to the flash filesystem, complete these troubleshooting steps.
The term fsck is an acronym for filesystem check. This utility usually runs automatically at the start-up of the device and checks for any anomalies within the filesystem in case of any abnormal events. It fixes the problem within the filesystem and saves the result as a recovery file. You can execute the fsck utility with the fsck flash: command.
The fsck utility repairs a corrupt filesystem. A successful fsck operation results in this output:
CiscoASA# fsck flash:
Checking the boot sector and partition table...
Checking FAT, Files and Directories...
Reclaiming unused space...
Updating FAT...
Destroying old disk cache...
Initializing disk0: cache, please wait......Done.
fsck of flash: complete
In case of any filesystem corruption issues, the fsck utility generates recovery files named fsck00??.rec. If you see a number of these recovery files on the flash, they can be the result of an automated testing process where the ASA might be power cycled too often. In general, these files do not contain any vital data and can be safely deleted with the delete command. An example is shown:
CiscoASA# delete fsck0012.rec
Note: The FSCK utility runs automatically at startup, so you can see these recovery files even if you did not manually enter the fsck command.
There are certain instances where these recovery files can be seen on the flash of a freshly ordered Cisco ASA appliance. A snippet of show flash: is shown:
96   -rwx  32768  00:00:00 Jan 01 1980  FSCK0000.REC
97   -rwx  32768  00:00:00 Jan 01 1980  FSCK0001.REC
99   -rwx  32768  00:00:00 Jan 01 1980  FSCK0002.REC
100  -rwx  32768  00:00:00 Jan 01 1980  FSCK0003.REC
This is due to manufacturing testing, and this behavior is filed in Cisco bug ID CSCtf63643 (registered customers only). These FSCK files are dated 1980 because they are created with the file description initialized to ZERO by the FSCK utility. These files can be deleted, and they do not appear again after a device reboot. If these files appear again, you are advised to run a format operation.
If the flash filesystem stays unresponsive even after you try the fsck utility, you can format the flash to erase all the existing files and images. The flash filesystem can be formatted with the format flash: command.
Note: Complete these actions before you run the format utility:
Copy the running configuration to the tftp-server with the copy run tftp command OR
Copy the start-up configuration to the tftp-server with the copy start tftp command.
Back up the output of the show version command, because you need the activation key.
There is another similar command that performs the same job as format does. It is shown here:
CiscoASA# erase flash:
This command overwrites all files and erases the file system, which includes hidden system files, and then reinstalls the file system. On Cisco ASA 5500 series security appliances, the erase command destroys all user data on the disk with the 0xFF pattern. In contrast, the format command only resets the file system control structures. When the erase option is used, it deletes all the information related to the licensing. You need to fetch the activation keys in order to retain the licenses on Cisco ASA. Refer to Cisco Licensing Web Page (registered customers only) for more information and in order to request the activation key.
Note: You need to have valid Cisco user credentials in order to access this web page.
If none of the previous steps works, then you can try to remove the erroneous flash card manually and replace it with another working flash card. Refer to these documents for a detailed step-by-step procedure in order to perform this task:
Note: Before you try to manually replace the card, you are advised to contact the Cisco TAC for further troubleshooting. The device should be under valid Cisco contract in order to open a TAC service request.
In this section, a list of widely known error messages related to flash filesystem corruption is shown.
This error results when the show flash command is executed. The output does not show any files, only this error message. This is a sample output of the command:
ASA#show disk0:
-#- --length-- -----date/time------ path

23273472 bytes available (39673856 bytes used)
File Allocation Table might be corrupted. Recommend running "fsck disk0:"
This behavior has been logged in Cisco bug ID CSCsl12010 (registered customers only). When free memory is low (close to 0), show flash does not list any files and recommends that you run the FSCK operation. In this situation, wait for some time so that the running applications release some memory. Run the show flash command again and see if some memory is available. If the situation persists, run the FSCK utility. At times, this error can also result when you try to save the configuration on the device.
Another bug, Cisco bug ID CSCsg16431 (registered customers only), has been filed to address this behavior in the case of FWSM. This error results after an upgrade on the FWSM and can be resolved after you run the format utility.
This error results when this command is issued:
ASA# dir all-filesystems
%Error opening disk0:/ (No such device)
%Error opening system:/ (No such device)
%Error opening cache:/ (No such device)
This error results when this command is issued:
ASA# fsck disk0:
Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).
Internal error, inode table initialization for disk0: failed with error Invalid DOS media or no media in slot
%Error checking disk0: (Invalid DOS media or no media in slot)
WARNING: Restoring security context mode failed.
This error results when this command is issued:
ASA# show flash:
Initializing disk0: cache, please wait...Failed (Invalid DOS media or no media in slot error).
%Error show flash: (Failed to initialize the Inode table)
The ASA reboots just after the boot up process is completed, after the software version is upgraded to 8.3. This behavior is observed and filed as Cisco bug ID CSCtg94369 (registered customers only). In order to rectify this, remove the original existing memory after the 2 GB memory upgrade for version 8.3.
When you boot the Cisco ASA device, this error message can appear:
ERROR: flash datafile corrupt found magic # 0x55aa55aa expected 0x1234567a
This error appears when you try to save the configuration with the wr mem command:
%Error opening disk0:/.private/startup-config (Read-only file system)
Error executing command
In order to resolve this, perform a filesystem check so that the error can be removed. This command sequence is presented for your reference.
CiscoASA# wr mem
Building configuration...
Cryptochecksum: 2e24ca48 2496fe80 51a4ecbb 81a2dba5
%Error opening disk0:/.private/startup-config (Read-only file system)
Error executing command
[FAILED]
CiscoASA# fsck disk0
fsck of disk0: complete
CiscoASA# pehac-a0-df01# fsck flash
fsck of flash: complete
CiscoASA# wr mem
Building configuration...
Cryptochecksum: 2e24ca48 2496fe80 51a4ecbb 81a2dba5
22851 bytes copied in 3.400 secs (7617 bytes/sec)
[OK]
This error appears when the write mem command is executed.
%Error opening disk0:/.private/startup-config (Failed Sector Read)
Error executing command
[FAILED]
Format the flash drive in order to resolve this issue.
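The error messages in this section can be checked for automatically in captured CLI output. This added example, which is not Cisco code, matches the error strings quoted above and lists FSCK recovery files from show flash: rows; the triage function, the SIGNATURES table, and the sample capture (including example-image.bin) are constructed for illustration.

```python
import re

# Error strings quoted on this page -> the fix the page states for them.
# None means the page lists the error without a specific fix.
SIGNATURES = {
    "File Allocation Table might be corrupted":
        "re-run show flash once memory frees up; if it persists, run fsck",
    "Read-only file system": "run fsck, then save the configuration again",
    "Failed Sector Read": "format the flash",
    "Invalid DOS media or no media in slot": None,
    "Failed to initialize the Inode table": None,
    "No such device": None,
    "flash datafile corrupt": None,
}

# One row of "show flash:" output: index, perms, length, time, date, path.
ROW = re.compile(r"^\s*(\d+)\s+(\S+)\s+(\d+)\s+(\d\d:\d\d:\d\d)"
                 r"\s+(\w{3})\s+(\d\d)\s+(\d{4})\s+(\S+)\s*$")
RECOVERY = re.compile(r"^fsck\d{4}\.rec$", re.IGNORECASE)

def triage(output):
    """Return (errors, recovery_files) found in captured ASA CLI output."""
    errors, recovery = [], []
    for line in output.splitlines():
        for text, fix in SIGNATURES.items():
            if text.lower() in line.lower() and (text, fix) not in errors:
                errors.append((text, fix))
        m = ROW.match(line)
        if m and RECOVERY.match(m.group(8)):
            # A 1980 date means a zeroed file description, as the page notes.
            recovery.append({"name": m.group(8), "size": int(m.group(3)),
                             "zero_dated": m.group(7) == "1980"})
    return errors, recovery

# Constructed capture assembled from the outputs quoted on this page.
SAMPLE = """\
CiscoASA# show flash:
 96  -rwx  32768  00:00:00 Jan 01 1980  FSCK0000.REC
 97  -rwx  32768  00:00:00 Jan 01 1980  FSCK0001.REC
 98  -rwx  1024  10:12:44 Mar 03 2010  example-image.bin
CiscoASA# wr mem
%Error opening disk0:/.private/startup-config (Read-only file system)
Error executing command
"""

if __name__ == "__main__":
    errs, recs = triage(SAMPLE)
    for text, fix in errs:
        print(f"error: {text} -> {fix or 'no specific fix on the page'}")
    for r in recs:
        print(f"recovery file {r['name']}, 1980-dated={r['zero_dated']}")
```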
Can I hot-swap the flash drive? For example, is it possible to change the flash drive when Cisco ASA is powered ON and running?
It is always recommended that you turn off the Cisco ASA while you insert the flash drive. This disables all the running processes and allows the ASA to recognize the flash from the boot process.
Before you use any third party flash devices, you need to verify the compatibility with Cisco and verify if it is approved by Cisco. Cisco recommends that you obtain the flash drives from a Cisco authorized seller so that they can be supported. Refer to Third Party Components - Cisco Policy for more information.
You need to complete these steps.
Save the running-configuration to the startup-configuration.
Format the flash drive.
Restore all the image files through a tftp transfer.
No. As long as you do not reset the box, it does not affect it because the information related to those connections resides in RAM.
Yes. You need to complete these steps.
Copy the disk0 files to tftp.
Copy them from tftp to disk1.
Set the boot path accordingly.
There is also another option. You can also copy the files directly from the internal memory to the external memory with the copy disk0 disk1 command.