Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
201
Views
1
Helpful
8
Replies

3100 reimage package

Go to solution
ahmedFawzy
Level 1
Level 1

‎07-19-2025 11:21 PM

Hello

Which package should i download from cisco to reimage firepower 3140.

firepower 3140 download packages.PNG

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Enes Simnica
Level 3
Level 3

‎07-19-2025 11:43 PM

hello @ahmedFawzy To reimage a Cisco Firepower 3140, u should download the FTD (Firepower Threat Defense) install and upgrade package, not a patch or hotfix. Based on your screenshot, the correct file is:

Cisco_FTD_SSP_FP3K_Upgrade-7.4.2-172.sh.REL.tar
  • Release Date: 31-Jul-2024 & 
  • Size: 1473.50 MB

Also G, this package is a full system image, intended for fresh installs or reimaging. The message “Do not untar” means u should use the file as-is with FXOS or Firepower Chassis Manager, but don’t extract it manually.

Avoid using the patch or hotfix files (Patch or Hotfix_BR), those are only for existing FTD installations and won't work for a reimage. and hope it helps G...

EnesSimnica_0-1752993793670.png

-Enes

more Cisco?!
more Gym?!

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Enes Simnica
Level 3
Level 3

‎07-19-2025 11:43 PM

hello @ahmedFawzy To reimage a Cisco Firepower 3140, u should download the FTD (Firepower Threat Defense) install and upgrade package, not a patch or hotfix. Based on your screenshot, the correct file is:

Cisco_FTD_SSP_FP3K_Upgrade-7.4.2-172.sh.REL.tar
  • Release Date: 31-Jul-2024 & 
  • Size: 1473.50 MB

Also G, this package is a full system image, intended for fresh installs or reimaging. The message “Do not untar” means u should use the file as-is with FXOS or Firepower Chassis Manager, but don’t extract it manually.

Avoid using the patch or hotfix files (Patch or Hotfix_BR), those are only for existing FTD installations and won't work for a reimage. and hope it helps G...

EnesSimnica_0-1752993793670.png

-Enes

more Cisco?!
more Gym?!
0 Helpful

Go to solution
ahmedFawzy
Level 1
Level 1

‎07-20-2025 01:00 AM

i noticed in the reimage documnet that i should use .spa file to boot the device first then use the same file for the reimage itself.

you said that i should use the tar file for the reimage but how about the boot process.

 

the upgrade package contains these files :

cisco-ftd-fp3k.7.4.2.172.SPA.csp

fxos-k9-fp3k.7.4.2.172.SPAimage.png

0 Helpful

Go to solution
Enes Simnica
Level 3
Level 3
In response to ahmedFawzy

‎07-20-2025 02:00 AM

Sorry, I missed that part earlier, and u're absolutely right to point it out. (I blame the lack of sleep and the complex scenarios I've been dealing with lately LOOOL)

For reimaging a Firepower 3140 from scratch, u're actually going to use both the .SPA and the .sh.REL.tar files, but at different stages of the process.

The .SPA file (cisco-ftd-fp3k.7.4.2.172.SPA) is the boot image, and it’s required to bring the appliance into recovery mode, especially if u're starting from ROMMON or doing a USB or TFTP-based recovery. This step prepares the device to accept a new software image.

Now about the .sh.REL.tarfile, what I mentioned earlier: Cisco_FTD_SSP_FP3K_Upgrade-7.4.2-172.sh.REL.tar

That file is the correct image to install FTD. So no, what I said before wasn’t wrong, but it was incomplete. The .tar file can’t be used until the device is already in a recoverable or install-ready state, which is exactly what the .SPA file is for.

So in short, the .SPA boots the system into recovery, and the .sh.REL.tar does the actual reimage.

and man I really appreciate you catching that, and let me know if you’re using USB, TFTP, or chassis manager for the install and I can help with those steps too.

– Enes

more Cisco?!
more Gym?!

Go to solution
ahmedFawzy
Level 1
Level 1

‎07-20-2025 02:23 AM

Hello Enes,

I'm appreciating your help so much.

so do you mean with SPA file this file i mentioned before -> cisco-ftd-fp3k.7.4.2.172.SPA.csp , because here https://www.cisco.com/c/en/us/support/docs/security/firepower-1000-series/220642-reimage-a-secure-firewall-threat-defense.html the extension was only .SPA without CSP.

i will appreciate if you list the reimage steps with USP here. it's a new device 3100 running 7.2.8 with no configuration yet, i need to go to 7.4.2  

0 Helpful

Go to solution
Enes Simnica
Level 3
Level 3
In response to ahmedFawzy

‎07-20-2025 02:57 AM

@ahmedFawzy G. U're absolutely right to question that, and great eye for detail. and YES, the file u have:  cisco-ftd-fp3k.7.4.2.172.SPA.csp is the correct one.

The difference in extension (.SPA.csp vs .SPA) just reflects how Cisco now signs and packages newer images for added integrity checks. The .csp version is the modern secure format, and it's fully compatible with the USB reimage process, so no worries there, u’re on the right track.

Now, since u’re doing this on a fresh Firepower 3100 running 7.2.8 with no config, and you're upgrading to 7.4.2 using USB, here’s your step-by-step guide:

USB Reimage – Firepower 3100 (FTD 7.4.2)

  1. Format your USB drive to FAT32.
  2. Copy both files to the root of the USB:
  • cisco-ftd-fp3k.7.4.2.172.SPA.csp
  • Cisco_FTD_SSP_FP3K_Upgrade-7.4.2-172.sh.REL.tar

3. Plug the USB into the Firepower 3100.

4. Connect to the console port and reboot the appliance. Interrupt the boot to enter ROMMON (press ctrl+c when prompted..)

5. In ROMMON, boot from USB using:

boot usb0:/cisco-ftd-fp3k.7.4.2.172.SPA.csp

6. This boots into the Installer CLI (INSTALLER> prompt). From here, install the full FTD image:

install usb0:/Cisco_FTD_SSP_FP3K_Upgrade-7.4.2-172.sh.REL.tar

7. and for sure the process will format the system and install FTD 7.4.2 cleanly. Once complete, the device will reboot into the new image.....

check these links also: 

hope it helps G.........

 

-Enes

 

more Cisco?!
more Gym?!
Reimage Cisco FTD on 1000, 2100, and 3100 Series | Full Walkthrough & Best Practices
Reimage Cisco FTD on 1000, 2100, and 3100 Series | Full Walkthrough & Best Practices
youtube.com/watch?v=WR4w-3BEe2Q
In this Cisco Tech Talk, we walk through the process of completely reimaging Cisco Firepower Threat Defense (FTD) devices in the 1000, 2100, and 3100 Series. Learn when and why to reimage, how to prepare, and how to recover configurations for a smooth re-deployment. Related links: Cisco Secure ...
Perform a Complete Reimage of Firepower FTD 1000/2100
Perform a Complete Reimage of Firepower FTD 1000/2100
youtube.com/watch?v=0GfThwhXHk4
Perform a Complete Reimage of Firepower 1000/2100 and Secure Firewall 3100 with Firepower Threat Defense
REIMAGE CISCO FTD TO ASA SOFTWARE
REIMAGE CISCO FTD TO ASA SOFTWARE
youtube.com/watch?v=t-DzkcrwOKg
To reimage the threat defense to ASA software, you must access the ROMMON prompt. In ROMMON, you must erase the disks, and then use TFTP on the Management interface to download the ASA image; only TFTP is supported. After you reload the ASA, you can configure basic settings and then load the ...
0 Helpful

Go to solution
Enes Simnica
Level 3
Level 3

‎07-20-2025 05:47 AM

@ahmedFawzy. sorry bro, I’ve hit the limit for private messages today, so I can’t send any more right now. Would u like me to answer ur question here, or should I get back to u privately tomorrow?

more Cisco?!
more Gym?!
0 Helpful

Go to solution
ahmedFawzy
Level 1
Level 1

‎07-20-2025 05:57 AM

thank you for your help, you can reply me here 

https://community.cisco.com/t5/network-security/fmcv-license-upgrade/m-p/5311298#M1121905

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎07-20-2025 06:17 AM

check below guide re-image and upgrade :

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents