cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1587
Views
0
Helpful
5
Replies

ASA 5585-X Firepower Upgrade

Faisal Mehmood
Level 1
Level 1

Hi I need some assistance in identifying which version to use for firepower module. I want to upgrade both FMC and SFR to vet 6.2.x. I understand it is multi upgrade process. 

 

ASA: 9.6(3)

FMC: 5.4.1

SFR: 5.3.7

 

I understand the FMC updates process that you have to download from Cisco and then upload to FMC

But for SFR module I tried the download updates in FMC and it doesn’t download sfr updates. I then logged into Cisco downloads and there are .sh and .img version. Which version will I need to upload to FMC to upgrade SFR module?

1 Accepted Solution

Accepted Solutions

miculp
Cisco Employee
Cisco Employee

The FMC will only download patches for itself and attached devices, it will not download "upgrades". The one you'll use will have the .sh extension in order to upgrade from the FMC.

 

Going from 5.4 to 6.0 is no small feat. Should you need assistance, reach out to tac or engage your account team for advanced services help. If the latter isn't an option thoroughly review all release notes before pulling the trigger on an upgrade. Pay close attention to upgrade paths and software compatibility.

View solution in original post

5 Replies 5

Nikolaj Pabst
Level 5
Level 5

Hi Faisal,

I would do a reimage of your SFR Module and add it to the FMC once more. I have seen a lot of bugs in the path while upgrading. You can ofcause apply the same policys from your FMC to the new SFR module.

To do the upgrade do the following procedure:

 

https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

Thanks Nioklaj. The link you mentioned is not for 5585-X and there is not a lot I could find on the community pages either. 

Marvin Rhoads
Hall of Fame
Hall of Fame

Downloading directly in FMC will only see second ordinal and smaller releases.

 

For example, if you have 6.1.1 and there is a 6.1.2 available it will download that. If will not download 6.2.

 

The idea is that you should pause and read the release notes when going between major or first ordinal minor releases. Then download them manually and proceed to stage them on FMC in preparation for upgrade.

miculp
Cisco Employee
Cisco Employee

The FMC will only download patches for itself and attached devices, it will not download "upgrades". The one you'll use will have the .sh extension in order to upgrade from the FMC.

 

Going from 5.4 to 6.0 is no small feat. Should you need assistance, reach out to tac or engage your account team for advanced services help. If the latter isn't an option thoroughly review all release notes before pulling the trigger on an upgrade. Pay close attention to upgrade paths and software compatibility.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: