Solved: Re: Determine or verify hotfix version Firepower Threat Defense FTD

Johan Anderstrom · ‎05-18-2020

Hi!

We have a firewall installed with the 6.5 track.

Exact FTD version is 6.5.0.4
FMC version is 6.5.0.4-57

I have patched with hotfix "Cisco_FTD_Hotfix_H-6.5.0.5-2"
FMC reports successful installation of hotfix, but in GUI it still says 6.5.0.4.

When I check CLI on FTD, it still says "Cisco ASA5516-X Threat Defense (75) Version 6.5.0.4 (Build 57)"
I can't find a command to verify that the hotfix is installed?

Regards

Johan

Marvin Rhoads · ‎05-21-2020

Go into expert mode on the sensor cli and run "rpm -qa"

View solution in original post

Marvin Rhoads · ‎05-18-2020

To verify that your hotfix installed successfully, access the Linux shell (also called expert mode) and run the following command:

cat /etc/sf/patch_history

The system lists all successful major upgrades, patches, hotfixes, and pre-install packages since the appliance was freshly installed.

Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/hotfix/Firepower_Hotfix_Release_Notes/about-firepower-hotfixes.html

hashimwajid1 · ‎05-21-2020

Hi Marvin,

this command only show FMC patch and version but it does not show FTD patch or Hotfix. recently i upgrdaed FTD with Patch 6.4.0.8 and also installed Hotfix 6.4.0.9 on FTD but i am not able to verify the Hotfix on FTD. when i run command cat /etc/sf/patch_history on FMC Cli then it shows only FMC related version and patch.

is there any way i can verify Hotfix on FTD Cli ?

Thanks in Advance

Marvin Rhoads · ‎05-21-2020

Go into expert mode on the sensor cli and run "rpm -qa"

hashimwajid1 · ‎05-21-2020

Hi Marvin,

Thanks you very much, it realy worked.

i just entered Expert mode in FTD Cli.