What to do if your ASA boots into ROMMON

Hello There,

Today we are going to talk about what to do if your ASA firewall image gets corrupted and the device boots into romoon.

In order to get a new OS on the device, we will need to setup a TFTP server.

Below are the setting you will need to config in ROMMON in order to download the OS from the TFTP Server.



Step1: You need to connect a PC with TFTP server on a firewall port (e.g Ethernet0/0). Then enter the following commands on the ASA.

rommon #1> ADDRESS=
rommon #2> SERVER=
rommon #3> GATEWAY=
rommon #4> IMAGE=asa832-k9.bin
rommon #5> PORT=Ethernet0/0

The above configuration will assign an IP address of to interface Ethernet0/0 of the firewall appliance. It will also tell the firewall that the TFTP SERVER is at address and the image to load is asa832-k9.bin

Step2: Execute the TFTP upload from the ASA using:

rommon #6> tftp

The above instructs the firewall to start uploading the image file from TFTP.

After the firewall reboots, login and check that the new image has been installed (show version).

Thanks is it you are done.


CCIE Task Force - Team