
Cisco Firepower 1010 - Issue with Software Image

Xenofon Batsis
Frequent Visitor

I am experiencing an issue with the software image on a Cisco Firepower 1010 device.

After performing a factory reset, I accidentally erased disk0:, which resulted in the loss of the system image. As a result, the device can no longer boot and is currently offline with no software installed.

I do not have an active Cisco support contract, so I am unable to download the required image from Cisco.

The device previously had a basic license that provided NAT, DHCP, and HTTP server access. In addition, the following licenses have expired:

  • URL Filtering

  • Malware Protection

  • Threat Defense / Threat Protection

Given the current state of the device (no bootable image and no active contract), what steps should I follow to recover the device and restore at least the basic functionality?


13 Replies

balaji.bandi
Hall of Fame

Looking at the information, you do not have many options left (due to human mistakes)

Even if you get an image, most of the features are expired, and you only have a base License like FW.

Contact the TAC at the phone number, or try logging in with your CCO account and downloading the software (in some cases, you can download it) - even though you do not need a contract.

BB

=====️ Preenayamo Vasudevam ️=====

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Thank you for your response. Actually, I don't have a software image on the firewall device; if I install the software, then I will activate the licenses. In the CCO account, all the images are restricted and you must have a contract to download them. Also, one software image is free to download, but it has a label for possible bugs, so I don't want to install it on my Firepower 1010. Obviously, the software version has matching with serial number of the device. Correct?

For now, you do not have an option; the only choice you have is to download and recover the FW to working condition, so I downloaded whatever option you have to download and recover the Firewall.

 the software version has matching with serial number of the device. Correct?

Not sure I understand this correctly - you can install any software which is stable on your device, as long as you have permission to download as part of the contract.

If this is in production, have the base License you should be able to download - better call Cisco TAC and ask.

BB


Xenofon Batsis
Frequent Visitor

If I find a solution for a software image and then follow the steps below, will I have access to the GUI? Before, I asked about the serial number of the Firepower: if I take the image from another Firepower 1010, should I have any issue with DHCP, NAT or HTTP access?

firepower-2110 /firmware # show package
Name                                          Package-Vers
--------------------------------------------- ------------
cisco-asa-fp2k.9.20.2.2.SPA                   9.20.2.2
cisco-ftd-fp2k.7.4.1-172.SPA                  7.4.1-172
firepower-2110 /firmware #                                

scope auto-install

install security-pack version version

In the show package output, copy the Package-Vers value for the security-pack version number. The chassis installs the image and reboots. This process, including reloading, can take approximately 30 minutes.

 


2K image does not work on 1K Firewall.

You can get the SN from the back of the kit if you're looking to get one.

BB


Xenofon Batsis
Frequent Visitor

I understand that the two images are just an example, and that only one image can be installed on a Firepower device.

Will the serial number (SN) of another device affect the configuration of DHCP, NAT, or other services? I am asking because yesterday I installed a software image taken from another Firepower device, and after the installation I was unable to access the GUI and also experienced network connectivity issues.

I had installed the below software, but the serial number wasn't the SN of my Firepower!

cisco-ftd-fp2k.7.4.1-172.SPA  

 

As I mentioned before, you cannot install the image of a 2XXX model on a 1XXX model.

The SN and image are not tagged; if you have a copy, you can install it on N number of devices without any issue, as long as they are the same model and image.

installed a software image taken from another Firepower device, and after the installation I was unable to access the GUI and also experienced network connectivity issues.

We were not aware of this issue until you configured a duplicate IP address.

 

BB


I have installed the version 7.6.2-329.SPA from another Firepower 1010. The result is that the status LED is red and I don't have network connectivity. The DHCP protocol is enabled; I have configured the steps one by one and the protocols didn't work.

I have configured manager local without result; the Firepower has the config below:

Static IP: 192.168.95.2

CIDR:255.255.255.0

Gateway:192.168.95.1

I don't have access to the HTTP server. My PC was on a port of the Firepower (Ethernet1/2), but I didn't have access to the Internet. I don't know the reason; I have tried many times without any result. My PC has the correct IP (192.168.95.5/24) and I can ping the GW, but from the firewall I can't ping the IP of the PC.

I must find a way to download from Cisco the correct version for the Firepower!!!

 i can't ping the IP of the PC.

The PC may have Windows Firewall. Can you post the command you are using to ping from the FTD?

I use it normally at work and in my home lab and have never seen any issue:

https://www.balajibandi.com/?p=1855

You can try the commands below:

> ping <target_IP_address>
> ping system <target_IP_address>

Check the command-level reference:

https://www.cisco.com/c/en/us/td/docs/security/firepower/command_ref/b_Command_Reference_for_Firepower_Threat_Defense/dr.html#wp3900674469

BB


I'm not sure it is the firewall on the PC, because I had tried from another PC without any active Windows Defender. The issue was the same. The PC was given an IP by the DHCP server, but there wasn't access to the Internet. From the firewall I can ping 1.1.1.1, 8.8.8.8, 9.9.9.9, and I have access to the Internet, but from the PC I couldn't ping any IP. I don't understand.

Another PC IP: 192.168.95.7/24

Firewall IP:192.168.95.1

Is this only the PC not working in that subnet?

To be clear, PC has internet. The issue you have is that you can't ping anything?

Which IP are you trying to ping? Or are you not able to ping any IP? Are you able to ping the gateway?

Post ipconfig /all (output here).

If the FW is the gateway, then you need to check ACP and check FW Logs

Is this the only PC not working in that subnet?

BB


Xenofon Batsis
Frequent Visitor

Thank you for your help. After a lot of factory resets, I configured manager local and I have access from a laptop to the HTTPS server.

My PC has Internet now, but I don't have access to the HTTPS and SSH server. Maybe the issue is with Windows Defender or the firewall policy from ESET; I don't know for now!

The firewall works perfectly now!

Leo Laohoo
Hall of Fame

@Xenofon Batsis

There is a legal method to download FTD 1010 firmware for free. Here are the steps:

1. Prepare the filename that you want Cisco TAC (Entitlements Team) to publish.

2. Know the file link/location for the filename.

3. Read either one of the two:

4. Scroll down to the bottom of the page to the "Legal Disclaimer: Software Downloads and Technical Support" section and read the fine print very carefully:

The Cisco Support and Downloads page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. Please note that customers may download only software that was procured from Cisco directly or through a Cisco authorized reseller or partner and for which the license is still valid.

Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC). Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.

When considering software upgrades, customers are advised to regularly consult the advisories for the relevant Cisco products to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.


5.  Call Cisco TAC.  Do not send them an email because tac@cisco[.]com has been decommissioned.  

6.  Provide TAC the serial number of the FTD 1010, the filename (step 1) and the file location (step 2).  

Good luck!

 
