Installing OpenWrt on a Cisco ASA 5505

Hi!

I recently got a Cisco ASA 5505 Firewall. Since it is not the newest one I decided to install OpenWRT.
As far as I know it uses an AMD Geode Processor so I went and downloaded the x86/geode/generic-kernel.bin but after copying it to a CF Card, plugging that card in and booting via RAMMON I was not able to get it working. After entering the boot command it outputs something like Booting...openwrt-geode.bin.
After that line the cursor jumps to the upper left corner of the screen and a weird C with a zigzag under it is displayed. I also tried the x86 generic kernel but after booting it I get the messga that a i686 CPU is needed but my machine only has a i586 cpu. I also tried the x86 legacy image. After booting the same as on the goede image happens.

Any ideas what I am doing wrong?
Thanks!

I assume you wrote the image to the card, not only copied it ?

1 Like

I didn't write the image I copied the kernel.bin to the card since the original firmware is only a bin file too.

Cisco is one of those vendors who are both known to use (very-) custom developed hardware and who want to make it hard to stray from their firmware. Therefore you might not be doing anything wrong, it might simply not be possible (or at least involve serious development to make it possible - which would hardly be worth the effort for geode based hardware).

Disclaimer: just raising this as a possibility, I have no experience with this hardware.

that is wrong in any case.

So you think I should write the ext4-combinded image to the card? But what file should I enter for the boot command?

yeah, that's not going to fly, you did less than half of the job required.

we don't think, we know.

what boot command, where ?

When the ASA boots I get into some kind of command line called "ROMMON". There I can execute commands like ping. But for booting there is the command "boot" it (I think) requires a bin file, or some kind of specific file. To boot the Cisco firmware I can enter "boot disk0:asa802-k8.bin". But after writing an image to the card what file should I point at?
Thanks!

if you write the combined image, the kernel will be there, too.

but it also comes with a boot loader, which I guess won't execute,
unless the device fails to auto boot because it's missing a boot loader,
in the 1st place.

trial and error.

So I should write the image and then point to the file that contains the kernel(in that case what would the path to it be)?
Btw. The default CF card uses FAT and I am not sure if the firewall supports ext4.
I'm sorry if what I am writing sounds stupid but I don't quite understand what you mean.

yes

/boot/kernel.bin, if I rememeber correctly.

not sure if the default FS of /dev/sda1 (boot partition) is ext4, it might be FAT, in worst case, you can probably make it FAT, and copy the kernel and files back in.

again, trial and error, I haven't tested it.

So I flashed the image now and well, I won't work. First off all there are two partitions now one named kernel with a boot folder. But that doesn't contain a kernel.bin file. Then there is the other partition named rootfs which looks like the filesystem. What should I do?
Thanks!

then it's called something else, vmlinuz ?
like I said, I wasn't sure.

you're the guy with the (possibly) incompatible device, and you're asking us ?

1 Like

So, It would be great if I could tell you about the progress. But well there is not that much. I tried booting vmlinuz, but the file was not found so I changed the Partitions to FAT and tried again. Now after boot disk0:/boot/vmlinuz the cursor jumps to the top left corner of the screen again and prints two square like characters. If I try to boot /boot/grub/boot.img the firewall tells me that this image is not bootable and if I try /boot/grub/core.img nothin happens but the firewall seems to recognize it as bootable.
Any other ideas what Icould try, what I could do in another way?

Thanks!

you will probably want to add some boot parameters to the vmlinuz, if the boot loader will allow you to.

you can find the default ones on the linux line in /boot/grub/grub.cfg

I can enter a "config file spec". But I don't know how the bootloader will give the config file to vmlinuz and in what format the config should be/what I should write in there. As far as I know are the entries in grub.cfg grub specific.

they're not, they're passed on to the kernel, by grub, your boot loader should do the same.
try booting the x86 combined image on your pc, from a flash drive, to see how it's supposed to work/look.

So I am supposed to pass the following using my config file?


linux /boot/vmlinuz root=PARTUUID=4228777a-02 rootwait   console=tty0 console=ttyS0,115200n8 noinitrd

skip linux, that's actually the grub parameter name.

could try root=/dev/sda2 too, instead of PARTUUID...

1 Like

Still no output or any other sign of life. The cursor just jumps to the top left and prints the weird c with a zigzag attached to the underside of it.

assuming Cisco haven't invented their own serial communication (what whatever you use) console=tty0 console=ttyS0,115200n8 should generate output on a serial port when you trigger the boot.
unless the boot param isn't passed on to the kernel.