Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1212
Views
5
Helpful
1
Replies

Firepower upgrade 6.2.2 ->6.4.x

Go to solution
the_wizard
Level 1
Level 1

‎02-12-2020 02:59 AM - edited ‎02-21-2020 09:54 AM

Hey!

 

FXOS: 2.2 and 2.3

FTD: 6.2.2 build 81

FMC: 6.2.3 build 84.

 

Looking to upgrade our 4100 setup. We're looking to go up to 6.4.0.7

As far as I understand you should do the upgrade in the following steps FMC--> FXOS --> FTD?

Is it possible to go from FTD ver 6.2.2 to 6.4.0 directly?

FXOS upgrade can/should this be pushed from the fmc or are you supposed to upload the file via the webgui os and intiate the upgrade from there?

Is there any general tips or information besides the upgrade plan guide ie knowledge how to reimage or similar?

 

 

Best Regards

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-12-2020 03:55 AM - edited ‎02-12-2020 03:56 AM

Q: As far as I understand you should do the upgrade in the following steps FMC--> FXOS --> FTD?

A: Correct. For FXOS note the following if you have HA:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/upgrade.html#id_65028

(upgrade standby unit first and, after it completes, switch active roles and then upgrade the new standby unit)

 

Q: Is it possible to go from FTD ver 6.2.2 to 6.4.0 directly?

A: Yes for FMC. Yes for FTD on 4100 series if you have first upgraded to the necessary FXOS release. Recommend the latest FXOS (currently 2.7(1.106)).

 

Q: FXOS upgrade can/should this be pushed from the fmc or are you supposed to upload the file via the webgui os and initiate the upgrade from there?

A: FXOS for 4100 and 9300 series is always upgraded from the Firepower Chassis Manager (not FMC).

 

General advice is to just read the release notes and upgrade guides carefully. Cisco has it pretty well documented. I'd go all the way to 6.4.0.8 as of now since it patches a good number of bugs present in 6.4.0.7. For your FMC I'd even advise strongly considering 6.5.0.2.

View solution in original post

1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-12-2020 03:55 AM - edited ‎02-12-2020 03:56 AM

Q: As far as I understand you should do the upgrade in the following steps FMC--> FXOS --> FTD?

A: Correct. For FXOS note the following if you have HA:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/upgrade.html#id_65028

(upgrade standby unit first and, after it completes, switch active roles and then upgrade the new standby unit)

 

Q: Is it possible to go from FTD ver 6.2.2 to 6.4.0 directly?

A: Yes for FMC. Yes for FTD on 4100 series if you have first upgraded to the necessary FXOS release. Recommend the latest FXOS (currently 2.7(1.106)).

 

Q: FXOS upgrade can/should this be pushed from the fmc or are you supposed to upload the file via the webgui os and initiate the upgrade from there?

A: FXOS for 4100 and 9300 series is always upgraded from the Firepower Chassis Manager (not FMC).

 

General advice is to just read the release notes and upgrade guides carefully. Cisco has it pretty well documented. I'd go all the way to 6.4.0.8 as of now since it patches a good number of bugs present in 6.4.0.7. For your FMC I'd even advise strongly considering 6.5.0.2.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card