How to run PFsense on a Cisco ASA 5516x
-
Hi friends,
Can you please help me identify and run pfsense on a Cisco ASA 5516x machine?
Quick Specs:
Intel C2758 SoC
8GB RAM
8 Gigabit Ethernet ports (i354 if I'm not mistaken)
1 RJ45 port (console + 1 management port)
What I've done:
- Opened the machine, looked for the VGA pinout, but it wasn't there.
- Accessed the console, but I'm having trouble with ROMON, and I'm confused about how to disable ROMON.
Attachment: Photos that might be useful
Please help me.




-
Hmm, well you could try to tftp an image and boot it. But it would not surprise me to find it will only boot Cisco signed images.
Do you see anything before that? Any BIOS output?
-
I'm really confused about what to do. I bought this device because someone said almost all Cisco ASAs have a 15/16-pin IDC to VGA pinout. But I just realized that this model doesn't have a 15/16-pin IDC to VGA pinout.
I've been focused on finding the 15/16-pin IDC to VGA pinout, but I haven't tried using TFTP yet. I'll learn more.
I don't know, is this information helpful?
Cisco Systems ROMMON, Version 1.1.18, RELEASE SOFTWARE
Copyright (c) 1994-2020 by Cisco Systems, Inc.
Compiled Tue 09/15/2020 20:35:13.52 by wchen64
Current image running: Boot ROM0
Last reset cause: PowerOn
DIMM Slot 0 : Present
DIMM Slot 1 : Present
Platform ASA5516 with 8192 Mbytes of main memory
MAC Address: 70:xx:15:0b:xx:xx
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Located '.boot_string' @ cluster 1298555.
Attempt autoboot: "boot disk0:/asa9-16-4-18-lfbff-k8.SPA"
Located 'asa9-16-4-18-lfbff-k8.SPA' @ cluster 865930.#####################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################
LFBFF signature verified.
Linux version: 4.18.45-yocto-standard (oe-user@oe-host) #1 SMP Wed Mar 8 23:15:45 UTC 2023
kernel_image = 0x74400368, kernel_size=0x4bc2a0
Image validated
INIT: version 2.88 booting
Starting udev
Configuring network interfaces... done.
Starting random number generator daemon.
fsck.fat 4.1 (2017-01-24)
0x41: Dirty bit is set. Fs was not properly unmounted and some data may be corrupt.
Automatically removing dirty bit.
Starting check/repair pass.
Starting verification pass.
Performing changes.
/dev/sdb1: 114 files, 287535/1919830 clusters
dosfsck(/dev/sdb1) returned 1
Mounting /dev/sdb1
mkdir: cannot create directory '/dev/cgroups/memory/nlp': File exists
Starting random number generator daemon.
Configuring packages on first bolina_init_env: memif is not enabled.
System Cores 8 Nodes 1 Max Cores 32
IO Memory Nodes: 1
IO Memory Per Node: 499122176 bytes num_pages = 121856 page_size = 4096
Global Reserve Memory Per Node: 314572800 bytes Nodes=1
LCMB: got DMA 499122176 bytes on numa-id=0, phys=0x00000001ad800000, virt=0x00007f1edee00000
LCMB: HEAP-CACHE POOL got 310378496 bytes on numa-id=0, virt=0x00007f1ecc400000
total_reserved_mem = 499122176
total_heapcache_mem = 310378496
total mem 3900458226 system 8192225280 kernel 35386019 image 98629656
new 4002338141 old 4366175460 reserve 499122176 priv new 3538601984 priv old 3823482880
Processor memory: 3900458226
M_MMAP_THRESHOLD 65536, M_MMAP_MAX 59516
POST started...
POST finished, result is 0 (hint: 1 means it failed)
Cisco Adaptive Security Appliance Software Version 9.16(4)18
Compiled on Fri 24-Mar-23 06:05 GMT by builders
Total NICs found: 14
i354 rev03 Gigabit Ethernet @ irq255 dev 20 index 08 MAC: 706d.xx0b.xxxx
ivshmem rev03 Backplane Data Interface @ index 09 MAC: 0000.0001.0002
en_vtun rev00 Backplane Control Interface @ index 10 MAC: 0000.0001.0001
en_vtun rev00 Backplane Int-Mgmt Interface @ index 11 MAC: 0000.0001.0003
en_vtun rev00 Backplane Ext-Mgmt Interface @ index 12 MAC: 0000.0000.0000
en_vtun rev00 Backplane Tap Interface @ index 13 MAC: 0000.0100.0001
WARNING: Attribute already exists in the dictionary.
Verify the activation-key, it might take a while...
Running Permanent Activation Key: 0x1f2xxxxx 0xdcxxxxxe 0xc4a04130 0xa10c184c 0x82350bb7
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited perpetual
Maximum VLANs : 150 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Active perpetual
Encryption-DES : Enabled perpetual
Encryption-3DES-AES : Enabled perpetual
Security Contexts : 2 perpetual
Carrier : Disabled perpetual
AnyConnect Premium Peers : 50 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 300 perpetual
Total VPN Peers : 300 perpetual
AnyConnect for Mobile : Enabled perpetual
AnyConnect for Cisco VPN Phone : Enabled perpetual
Advanced Endpoint Assessment : Enabled perpetual
Shared License : Disabled perpetual
Total TLS Proxy Sessions : 1000 perpetual
Botnet Traffic Filter : Disabled perpetual
Cluster : Enabled perpetual
Cluster Members : 2 perpetual
VPN Load Balancing : Enabled perpetual
Encryption hardware device : Cisco ASA Crypto on-board accelerator (revision 0x1)
Cisco Adaptive Security Appliance Software Version 9.16(4)18
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************
Cisco Adaptive Security Appliance Software, version 9.16
Copyright (c) 1996-2023 by Cisco Systems, Inc.
For licenses and notices for open source software used in this product, please visit
http://www.cisco.com/go/asa-opensource
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706
Reading from flash...
!!.WARNING: Https on BVI works over VPN tunnel only when management-access is enabled on this interface
*** Output from config line 115, "http 192.168.1.0 255.255..."
..
Cryptochecksum (unchanged): d62c6170 08a5d0c4 c98ba865 a63aa91a
INFO: Power-On Self-Test in process.
........................................................................
INFO: Power-On Self-Test complete.
INFO: Starting HW-DRBG health test...
INFO: HW-DRBG health test passed.
INFO: Starting SW-DRBG health test...
INFO: SW-DRBG health test passed.
User enable_1 logged in to ciscoasa
Logins over the last 1 days: 1.
Failed logins since the last login: 0.
Type help or '?' for a list of available commands.
ciscoasa>
Rom image verified correctly
-
Mmm, I've never poked at one of those. It may not have anything below rommon, like uboot etc. In which case you would need to either create an image that rommon will will accept or replace rommon with ome other bootloader/BIOS. Both of which are non-trivial!
It may have a second console header that shows more/different output.
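The boot transcript posted above is the useful evidence in this thread: the bootloader prints "LFBFF signature verified.", "Image validated" and finally "Rom image verified correctly", which is why an unsigned image is unlikely to be accepted. As an added example (not code from this thread or from Cisco), the script below runs a small set of checks over that kind of console capture: it records whether each verification marker appeared, pulls out the ROMMON, image and ASA version strings, and flags anything that should not be there, such as the dirty-filesystem warning that also shows up in the OP's log. The sample log is a constructed excerpt made from lines quoted in this thread (with the already-masked values), and the marker list is an assumption based only on what that transcript prints.

```python
import re

# Constructed sample: a handful of lines lifted from the ROMMON / ASA boot
# transcript posted in this thread (MAC and key values were already masked).
SAMPLE_BOOT_LOG = """\
Cisco Systems ROMMON, Version 1.1.18, RELEASE SOFTWARE
Attempt autoboot: "boot disk0:/asa9-16-4-18-lfbff-k8.SPA"
LFBFF signature verified.
Image validated
0x41: Dirty bit is set. Fs was not properly unmounted and some data may be corrupt.
POST finished, result is 0 (hint: 1 means it failed)
Cisco Adaptive Security Appliance Software Version 9.16(4)18
INFO: HW-DRBG health test passed.
INFO: SW-DRBG health test passed.
Rom image verified correctly
"""

# Markers a healthy signed-image boot prints (expect=True) and markers that
# mean trouble when present (expect=False). Chosen from the posted transcript;
# treat the list as an assumption, not a complete Cisco reference.
MARKERS = {
    "image_signature_verified": (r"^LFBFF signature verified\.", True),
    "image_validated": (r"^Image validated", True),
    "rom_image_verified": (r"^Rom image verified correctly", True),
    "post_passed": (r"^POST finished, result is 0", True),
    "hw_drbg_passed": (r"^INFO: HW-DRBG health test passed\.", True),
    "sw_drbg_passed": (r"^INFO: SW-DRBG health test passed\.", True),
    "filesystem_dirty": (r"Dirty bit is set", False),
    "post_failed": (r"^POST finished, result is [1-9]", False),
}

# Version-bearing lines; the first capture group is the value we keep.
VERSION_PATTERNS = {
    "rommon_version": r"ROMMON, Version (\S+), RELEASE SOFTWARE",
    "boot_image": r'Attempt autoboot: "boot (\S+)"',
    "asa_version": r"Adaptive Security Appliance Software Version (\S+)$",
}


def parse_boot_log(text):
    """Scan a console capture and return which markers were seen, the
    version strings found, and a list of issues (expected markers that are
    missing, or warning markers that are present)."""
    lines = [line.rstrip() for line in text.splitlines()]

    present = {
        name: any(re.search(pattern, line) for line in lines)
        for name, (pattern, _expect) in MARKERS.items()
    }

    versions = {}
    for name, pattern in VERSION_PATTERNS.items():
        for line in lines:
            match = re.search(pattern, line)
            if match:
                versions[name] = match.group(1)
                break

    issues = []
    for name, (_pattern, expect) in MARKERS.items():
        if present[name] != expect:
            issues.append(f"{name}: {'missing' if expect else 'present'}")

    return {"present": present, "versions": versions, "issues": issues}


def boot_chain_verified(result):
    """True only if every image-verification marker was seen and POST passed."""
    needed = ("image_signature_verified", "image_validated",
              "rom_image_verified", "post_passed")
    return all(result["present"][name] for name in needed)


if __name__ == "__main__":
    report = parse_boot_log(SAMPLE_BOOT_LOG)
    for key, value in report["versions"].items():
        print(f"{key}: {value}")
    print("boot chain verified:", boot_chain_verified(report))
    for issue in report["issues"]:
        print("issue:", issue)
```

Feed it a saved console capture instead of the sample (for example `parse_boot_log(open("capture.txt").read())`) to get the same summary for your own unit; on the OP's log the only issue it reports is the dirty FAT filesystem on the SSD, while every signature and POST marker is present.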
-
@m782 said in How to run PFsense on a Cisco ASA 5516x:
Use BREAK or ESC to interrupt boot.
Does it accept input? Can you press ESC to interrupt the boot process?
And according to the Cisco doc (https://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5508xguide/b_install_guide_5508/b_install_guide_5508_chapter_011.html) it should have an SSD. Maybe remove it and see how far it boots?
-
Yes, I've done it before, but I'm confused about what to do.
This is the result.
Cisco Systems ROMMON, Version 1.1.18, RELEASE SOFTWARE
Copyright (c) 1994-2020 by Cisco Systems, Inc.
Compiled Tue 09/15/2020 20:35:13.52 by wchen64
Current image running: Boot ROM0
Last reset cause: PowerOn
DIMM Slot 0 : Present
DIMM Slot 1 : Present
Platform ASA5516 with 8192 Mbytes of main memory
MAC Address: 70:xx:1x:0b:xx:b9
Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.
rommon 1 > ?
? Display this help menu
address Set the local IP address
boot Boot an application program
confreg Configuration register contents display and management
console Console BAUD rate display and configuration
dev Display a list of available file system devices
dir File directory display command
erase erase the specified file system
file Set the application image file path/name to be TFTPed
gateway Set the default gateway IP address
help "help" for this menu
"help <command>" for specific command information
history Show the command line history
netmask Set the IP subnet mask value
ping Test network connectivity with ping commands
server Set the TFTP server IP address
show Display system device and status information
tftpdnld Download and run the image defined by "FILE"
reboot Reboot the system
reload Reboot the system
repeat Repeat a CLI command
reset Reboot the system
set Display the configured environment variables
sync Save the environment variables to persistent storage
unset Clear a configured environment variable
rommon 2 > set
ADDRESS=
NETMASK=
GATEWAY=
SERVER=
IMAGE=
CONFIG=
PS1="rommon ! > "
rommon 3 > confreg
Configuration Register: 0x00000001
Configuration Summary
[ 0 ] password recovery
[ 1 ] display break prompt
[ 2 ] auto-boot image in disks
[ 3 ] console baud: 9600
boot: ...... auto-boot index 1 image in disks
do you wish to change the configuration? y/n [n]:
Rom image verified correctly
Do you have any good ideas?
-
@m782 said in How to run PFsense on a Cisco ASA 5516x:
Do you have any good ideas?
I would replace the SSD with another SSD with Linux on it and see how far it gets you.
If the internet is anything to go by then you really have to be able to get into the BIOS to disable the ROMMON. Logic would suggest that some pins on the motherboard have to be a VGA connector. But you would have to measure it out and be able to assemble a custom VGA cable and if successful it would include soldering. It could be the JTAG one.
An earlier revision of https://github.com/Axon07/Cisco-ASA-VGA-Pinout did mention the 5516x but I assume he/she realized that it doesn't have a VGA connector and removed the reference.
-
I actually "interviewed" someone on Reddit on a similar topic; they have installed OPNsense on ASA 5525-X and 5515-X. Here's what they told me:
https://www.reddit.com/r/opnsense/comments/147ot7f/comment/jnycohl/
I hope this is close enough to what you have on hand...