12-11-2018 02:12 AM - edited 03-12-2019 07:09 AM
As per title. Firepower 6.3.0 been out for 8 days now. Anybody tried it in production yet?
What's the lowdown on the good, the bad and the ugly?
We have a LARGE customer deployment that we need to upgrade from 6.2.2.X.
We're trying to decide whether to go to 6.2.3.7 or 6.3.0....
Cheers,
Matt.
12-12-2018 05:53 AM - edited 12-12-2018 05:54 AM
not yet, the pre-install guide says there is a pre-installation file necessary when upgrading from 6.2.x ( https://www.cisco.com/c/en/us/td/docs/security/firepower/upgrade/fpmc-upgrade-guide/version_specific_guidelines.html#id_70638 ). There is no file on the download site. I have a ticket open with TAC about the issue
12-12-2018 05:57 AM - edited 12-12-2018 05:58 AM
I have upgraded FMC without any pre install patch from 6.2.3.4
12-12-2018 06:32 AM
Yes and immediately discovered a REST API bug:
Each literal IP address is returned as type:"FQDN" which when used to push a new rule to an access policy results in no error but the rule just missing all literal IPs resulting in an any rule.
12-14-2018 06:10 AM
I upgraded my ASA 5508-X with Firepower services from 6.2.3.7 to 6.3.0 without issue.
12-12-2018 12:39 PM
Hi
i upgraded my lab successfully without any issues. Good stuff in 6.3
- device backups for ftd
- in Fdm finally ha
- ttl decrement natively in a new service policy
- fqdn objects in acp
- better integration in Threat response
we have also big customers with ftds. My advice to Maneged service will be to upgrade as soon patch 2 is available. I do not use .0 releases in production. But at latest with patch 2 (6.3.2) I assume this release is ready for the customer.
Andre
12-12-2018 06:11 PM
Running 6.3.0 here.
Hint for the ones going towards 6.2.3/6.3.0: Make sure you do not have EC certificates. It breaks deployment and system initialization.
CSCvn10754 - Cannot create objects with Elliptic Curve certificates for HTTPS access on FMC
12-13-2018 06:50 AM - edited 12-13-2018 06:57 AM
Deployment failure bug reported for few versions and 6.3.0 is also affected.
CSCvi25965
01-07-2019 11:52 AM
Hello,
We have an upcoming upgrade from v6.2.3.5 to v6.2.3.8, but not quite sure if 6.2.3.8 and 6.3.0 fixes defect CSCvi25965 as both versions are listed on the affected releases. The workaround listed is "Roll back the SRU that caused the policy deployment to fail", not quite sure that I would recommend this to my customer since they're currently on the RRR due to this defect.
Anyone who can share additional input on this defect is much appreciated.
01-07-2019 12:18 PM
01-23-2019 12:41 PM
on 6.2.3.6( 9300)
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide