ASA5512 Firepower module unsuported

de.101 · ‎04-30-2021

Hi,

I have inherited issue that I am trying to resolve. FMC is failing to communicate with ASA5512 Firepower module. I have done some troubleshooting and on the ASA #show module command shows:

ASA 5512-X - ips Unknown N/A - cxsc Unknown N/A - sfr Unsupported Unsupported

From what I can see it is possibly firmware related, it was upgraded by previous admin from 9.x to 9.1x. I can see in the release notes for 9.10 and up:

5512-X no longer support the ASA FirePOWER module in 9.10(1) and later due to memory constraints. You must remain on 9.9(x) or lower to continue using this module. Other module types are still supported. If you upgrade to 9.10(1), the ASA configuration to send traffic to the FirePOWER module will be erased; make sure to back up your configuration before you upgrade.

So is my option only Firmware downgrade or is there any other fixes to get module working on Firmware 9.1x

Thanks in advance.

Rob Ingram · ‎04-30-2021

Hi @de.101

No unfortunately your information is correct, you cannot upgrade the ASA 5512-X past 9.10 if you want to use the FPR module. You'd need to downgrade. Ideally, if you wish to use the Firepower features you'd need to replace the hardware for a newer FPR 1000 series device, you can then run the latest ASA or FTD code.

HTH

de.101 · ‎04-30-2021

Hi,

Thanks for the reply. I suspected that was the case. I think I will look at downgrading for now and replace at hardware eventually.