cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4212
Views
0
Helpful
24
Replies

Anyone brave enough to try 6.3.0 yet?

matty-boy
Level 1
Level 1

As per title. Firepower 6.3.0 been out for 8 days now. Anybody tried it in production yet?

 

What's the lowdown on the good, the bad and the ugly?

 

We have a LARGE customer deployment that we need to upgrade from 6.2.2.X.

 

We're trying to decide whether to go to 6.2.3.7 or 6.3.0....

 

Cheers,

Matt.

24 Replies 24

phil.hydea
Level 1
Level 1
Hi Matt

To partly answer your question, I would recommend upgrading to v6.2.3.7 for
now and wait for bugs to be discovered and subsequent bug fixes to be
released.

Remember, that in the 4 years that 5.4 has been out, there were 11 (I
think) patch releases for the devices. 6.2.3 has not be out that long and
has 7 patch releases.

No. Wait updates. Have a bugs.

Abheesh Kumar
VIP Alumni
VIP Alumni

Hi 😉

2018-12-08 14_50_33-Cisco Firepower Management Center for VMWare 6.3.0 Build 83 (GUEST-FMC) - admin.jpg

 

Phil - I'm tending to agree with you there!

 

Abheesh - Nice to see you're using it. Any comments? Our customer has over 100 managed FTDs/FPRs so we don't want to be getting it wrong!

 

Cheers,

Matt.

So far no issues reported from customer side, I have upgraded on  last Saturday

Hi Abheesh - is this in your lab or a customer production system?

Its in production environment.

I too am running 6.3.0-83 (which I upgraded to shortly before the holidays).

Now I see 6.3.0-84 was released, but FMC won't allow the upgrade from 6-3-0-83 to 6.3.0-84 to be applied:

 

Capture1.PNG

Attempting to run the update creates this error:

Capture2.PNG

 

But wait, my version is less than 6.3.0-84??

Capture3.PNG

 

I'm always excited by the new and innovative ways this system continues to frustrate delight me :)

 

If you read the updated release notes of 6.3.0 you will see that build 84 fixes an upgrade bug when the FMC has been installed with a pre 6.0 version. If the upgrade was successful for you, you don't need this build.

Cloudmaker
Level 1
Level 1

Having problem updating 5508-X Firepower running 6.2.3.7.

FMC has been updated to 6.3.0. "ASA FirePOWER module upgrade from 6.2.2 and above to 6.3.0" update file has been downloaded from Cisco, file name "Cisco_Network_Sensor_Upgrade-6.3.0-83.sh.REL.tar", as no update were found by FMC for managed device during updates check (strange, but possible) .

Once uploaded update being pushed from FMC to sensor, FMC says: 

"No valid appliances available for Cisco Network Sensor Upgrade 6.3.0-83

This update is intended for software versions greater than or equal to 6.1.0 and less than 6.3.0-83".

I do have 6.2.3.7 on a sensor, what version does it need for update to run?

 

How do I update that sensor? Any help will be appreciated!

 

Hi,

Upgrading from 6.2.3.7 is supported. Are you sure the sensor is on v6.2.3.7?

You can try to upgrade it directly, upload the file to updates folder directly and run this command:

sudo install_update.pl --readiness-check /var/sf/updates/updatefilename, then;
sudo install_update.pl --detach /var/sf/updates/updatefilename

This isn't an officially supported method

Yes, 6.2.3.7 it is.

CapturFiles_3.jpg

So it is possible to update Firepower module from within CLI?

Thank you, I'll follow the way you mentioned.

 

 

Well, I managed to upload an update to a sensor via SCP.

And right after "sudo install_update.pl --detach /var/sf/updates/Cisco_Network_Sensor_Upgrade-6.3.0-83.sh" it says:

 

ARGV[0] = --detach

ARGV[1] = /var/sf/updates/Cisco_Network_Sensor_Upgrade-6.3.0-83.sh install_update.pl begins. bundle_filepath: /var/sf/updates/Cisco_Network_Sensor_Upgrade-6.3.0-83.sh

Update is not a signed or content update at /ngfw/usr/local/sf/bin/install_update.pl line 509. 

 

I can't even speculate as to what that might be.

You need to use the tar file for newer versions.

Review Cisco Networking for a $25 gift card