UUncategorized

Cisco ASA Lost Config After Power Cycle

  • byJordan
  • June 27, 2012
  • 1 minute read

I ran into this recently where a Cisco ASA was powered off accidentally, and lost a whole month of config changes. The firewall still operated because it still had a config, just nothing from a month ago.

I then decided to log into the Cisco ASA and type “write mem” and got the following error.

Result of the command: "write mem"


Building configuration...


Cryptochecksum: 22387bc0 13130870 b142ffd2 c97d2014


%Error opening disk0:/.private/startup-config (Read-only file system)


Error executing command


[FAILED]

This is what Cisco had to say about the issue.

 

Error when wr mem command issued

This error appears when you try to save the configuration with the wr mem command:

%Error opening disk0:/.private/startup-config (Read-only file system)

Error executing command

In order to resolve this, perform a filesystem check so that the error can be removed. This command sequence is presented for your reference.

CiscoASA# wr mem
Building configuration…
Cryptochecksum: 2e24ca48 2496fe80 51a4ecbb 81a2dba5

%Error opening disk0:/.private/startup-config (Read-only file system)
Error executing command
[FAILED] CiscoASA# fsck disk0

fsck of disk0: complete
CiscoASA#
pehac-a0-df01# fsck flash

fsck of flash: complete
CiscoASA# wr mem
Building configuration…
Cryptochecksum: 2e24ca48 2496fe80 51a4ecbb 81a2dba5

22851 bytes copied in 3.400 secs (7617 bytes/sec)
[OK]

What really grinds my gears is that I didn’t get a notification from ASDM GUI that the “write mem” command failed!

Here’s more information from Ciscos website:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080b95d3d.shtml

DDrafts

How to Combat Conficker on a Large Network

  • byJordan
  • September 18, 2009
  • 1 minute read

The following is information and tools for dealing with a Conficker Outbreak on a Large Enterprise Network with lots of clients.

How to unlock all of your Active Directory Accounts with a script.

Const ADS_SCOPE_SUBTREE = 2
Const ADS_UF_LOCKOUT = &H10

Set objRootDSE = GetObject(“LDAP://rootDSE”)
strDNSDomain = objRootDSE.Get(“defaultNamingContext”)

Set objCommand = CreateObject(“ADODB.Command”)
Set objConnection = CreateObject(“ADODB.Connection”)
objConnection.Provider = “ADsDSOObject”
objConnection.Open “Active Directory Provider”
objCommand.ActiveConnection = objConnection

StartNode = strDNSDomain
SearchScope = “subtree”

‘Filterstring = “(&(objectCategory=Person)(objectClass=User)” _
‘& “(userAccountControl:1.2.840.113556.1.4.803:=16))” ‘find locked out accounts (bitwise)

Filterstring = “(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))”   ‘not sure which is better

Attributes = “adspath”

LDAPQuery = “<LDAP://” & StartNode & “>;” & FilterString & “;” _
& Attributes & “;” & SearchScope

objCommand.CommandText = LDAPQuery
objCommand.Properties(“Page Size”) = 100
objCommand.Properties(“Timeout”) = 30
objCommand.Properties(“Cache Results”) = False
Set objRecordSet = objCommand.Execute

If NOT objRecordSet.eof Then
objRecordSet.MoveFirst
While Not objRecordset.EOF
Set objuser = GetObject(objRecordSet.Fields(“AdsPath”).Value)
objUser.IsAccountLocked = False
objUser.SetInfo
objRecordSet.MoveNext
Wend
End If

objRecordset.Close
objConnection.Close
Set objRootDSE = Nothing
Set objConnection = Nothing
Set objRecordSet = Nothing

msgbox “All users are now unlocked!”

WScript.Quit(0)