Reusing a cisco asa 5525x after its EOL as home server. This is a documentation of my setup process.
I have no background with this kind of hardware. It is a learning opportunity for me. Don't expect anything to be best practice.
Feel free to raise an issue for questions.
The Cisco ASA 5525-x is a firewall appliance. Its end of life was in 2025.
It uses mostly standard hardware.
user@cisco-asa
OS: Ubuntu 24.04 noble
Kernel: x86_64 Linux 6.8.0-90-generic
Uptime: 28m
Packages: 770
Shell: bash 5.2.21
Disk: 7.5G / 56G (15%)
CPU: Intel Xeon X3430 @ 4x 2.395GHz
GPU: ASPEED Technology, Inc. ASPEED Graphics Family
RAM: 477MiB / 7931MiB # ECC DDR3- 8x 1Gbit/s ethernet
- 1x management port
- 1x console port
- 2x usb A (2.0?)
- 2.5" drive bay with cage
- PCIe x8 slot (Cisco seems to sell specific modules, but a riser with 90° adapter is installed as empty module. No opening in the back.)
- 2x SATA ports
- first used for 2.5" drive bay
- second is open and there is power connector (don't know the specifics)
- eUSB slot (populated with 8GB module in my case)
The article by Domini Polizzi on medium was quite helpful.
- VGA terminal block Amazon Link (optionally an VGA Port HD15F Adapter to IDC16)
- 15 male to female jumper wires
- keyboard
- VGA display and cable
- 2.5" drive
- usb drive to images
- network cable
- power cable
- Cisco Console Cable Amazon Link
ROMMON is a custom firmware from Cisco. It needs to be disabled in the bios. After that it can boot from any drive.
In my case the console output was not redirected to the serial interface. I had to use the VGA header on the mainboard. Please check out the VGA Header page for more information.
On my system the BIOS key is F2.
It takes quite some time for the bios splashscreen to show.
In the bios go to boot and disable ROMMON.
In order not to use the VGA output I used a Cisco console cable to access the system via the serial connection.
To output the BIOS to serial, the console output needs to be redirected to to COM1.
I used minicom to output the serial data.
I set the bits per second to 115200 for a faster refresh and to match the settings in my Ubuntu server installation.
Now it is ready to be used as a server.
- install storage (2.5" drive)
- change boot order
- temporarily disable secure boot
- setup a os
In my case a graphical OS installer for Ubuntu Desktop 24.04 via the VGA output was not working. Ubuntu server 24.04 was working.
My appliance came with an installed 8GB eUSB module.
- eUSB stands for embedded USB
- The connector is smaller than a standard USB 2 mainboard header and also the pinout is different
- eUSB uses USB2, but more lanes to reach higher speeds
I will try to install an OS to it later.
I installed Ubuntu server on the machine. Please see check my notes here.
The management port does not work without Cisco software/firmware. It seems to require a license and in this case is only working when using the Cisco ASA soft-/firmware.
There is a bcm configuration option in the bios.
- static ip: unable to change values
- dynamic ip: no ip is assigned
In Ubuntu values can be configure with ipmitools, but changes have no effect.
Changing configuration via ROMMON was not successful either.
Opinion of AI on this: it does not work without Cisco software and license. Firmware is locked down.
After hours of tinkering, I do share this opinion.
On Ubuntu 24.04.3 LTS server with no changes to the standard installation the idle power draw is about 46W. Running a stress test (stress-ng -c 20 --timeout 120) the power consumption was 100.9W.
On Ubuntu the PWM control does not work and fans are running at the same level (probably max settings).
