Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1408
Views
5
Helpful
3
Replies

Firewall 2100 RMA replacement keeping SSD possible?

Peter Koltl
Level 7
Level 7

‎05-01-2022 11:50 PM

We replaced a HA secondary member FP2130 and made an attempt to keep and reuse the SSD from the original device. I had been aware that it is not written in the guides that it would work if we move the SSD from one device to another. But I would like to know what happened.

The new device booted with the reused SSD and the management IP address was preserved. But the FTD image was offline and it showed an older version. So we could not spare the reimage task.

 

Attempt autoboot: "boot disk0:installables/switch/fxos-k8-fp2k-lfbff.2.3.1.84.SPA"

The digital signature of the file: fxos-k9-fp2k-manager.2.3.1.84.SPA verified successfully

The digital signature of the file: fxos-k8-fp2k-npu.2.3.1.84.SPA verified successfully

SSP_VERIFY_SIGN_DIR: Creating file list.
SSP_VERIFY_SIGN_DIR: Error in create file list.
SSP_VERIFY_SIGN_DIR: Removing temporary files.
SSP_VERIFY_SIGN_DIR: ERROR: Please resolve the error and try again
SSP_VERIFY_SIGN_DIR: Fri Apr 29 00:19:43 UTC 2022Filesystem Size Used Avail Use% Mounted on
tmpfs 16G 96K 16G 1% /var/volatile
Configuration Xml found is /opt/cisco/csp/applications/configs/cspCfg_cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1.xml
CSPID for App is cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1
ERROR: chkSysAltINFO: System Disk /dev/sda present. Status: Operable.

fw2130 login: /bin/ls: cannot access /opt/cisco/csp/applications/cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1/app_bin/*ftd*.6.4.0.102.hconf2.sign: No such file or directory

fw2130 /ssa # show app-instance 
Application Name Slot ID Admin State Operational State Running Ver
sion Startup Version Cluster Oper State
-------------------- ---------- --------------- -------------------- -----------
---- --------------- ------------------
ftd 1 Enabled Offline 6.2.3.83 
6.2.3.83 Not Applicable

fw2130 /system # show version detail 
MANAGER:
Boot Loader:
Firmware-Vers: 1012.0200.0213
Rommon-Vers: 1.0.12
Fpga-Vers: 2.0.00
Power-Sequencer-Vers: 2.13
Firmware-Status: OK
System:
Running-Vers: 2.3(1.84)
Platform-Vers: 6.6.1.91
Package-Vers: 6.6.1.91
Startup-Vers: 2.3(1.84)
NPU:
Running-Vers: 2.3(1.84)
Platform-Vers: 6.6.1.91
Package-Vers: 6.6.1.91
Startup-Vers: 2.3(1.84)
Service Manager:
Running-Vers: 2.3(1.84)
Platform-Vers: 2.3.1.84
Package-Vers: 6.2.3-83
Startup-Vers: 2.3(1.84)RMA, SSD, Cisco Firepower Threat Defense (FTD)

 

0 Helpful
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎05-02-2022 01:57 AM

Yes and no. 

Officially, no. 

Un-officially, it can be done due to "sensitive" contents.  

Kasun Bandara
VIP
VIP

‎05-02-2022 05:08 AM

you can discuss with TAC engineer about this and come to conclusion 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Kasun Bandara

‎05-02-2022 03:50 PM

@Kasun Bandara wrote:

you can discuss with TAC engineer about this and come to conclusion 

No need.  

"Classified" network operators do this all the time.  

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card