Upgrading Sourcefire Module on a Standby ASA

mvneteng
Level 1

I have two 5525-Xs in active/passive failover. I'm running 9.6(2) at my primary site (I'm upgrading in the next couple days because of cisco-sa-20180129-asa1) and would like to upgrade the Sourcefire modules to make sure I won't have any compatibility issues. I have the upgrade path, I have the .sh files, and I'm ready to try this out.

 

I can upgrade the Sourcefire module using ASDM in the "primary" firewall just fine, but I'm not quite sure how to approach upgrading the Sourcefire module in the standby firewall. I can remote exec, but I'm not sure you can upgrade via CLI on these in an sfr console session - at least I wasn't able to figure that out quite yet. Both firewalls (primary and standby) have IP addresses accessible in my public block, but regardless of which one you access, you just get the primary (active) firewall.
 
What's the best way to do an upgrade on a Sourcefire module in a standby mate? I've looked through a bunch of articles and have read some other posts, but nothing seems to cover this situation.
 
As a side note, I don't have FireSIGHT. I use ASDM or CLI to do everything.
 
Thanks for any help.

Accepted Solutions

mvneteng
Level 1

For anyone that runs across this post with the same hardware and the same situation, the answer is that you have to fail over to the standby firewall and use ASDM or SSH to configure the module and run your updates that way. If all else fails, you can wipe the module and start fresh with the latest version of the software. That means this has to be done during a maintenance window and your Sourcefire module/FirePOWER services on the working (primary, in my case) firewall will be offline during said maintenance.
