05-01-2022 11:50 PM
We replaced a HA secondary member FP2130 and made an attempt to keep and reuse the SSD from the original device. I had been aware that it is not written in the guides that it would work if we move the SSD from one device to another. But I would like to know what happened.
The new device booted with the reused SSD and the management IP address was preserved. But the FTD image was offline and it showed an older version. So we could not spare the reimage task.
Attempt autoboot: "boot disk0:installables/switch/fxos-k8-fp2k-lfbff.2.3.1.84.SPA"
The digital signature of the file: fxos-k9-fp2k-manager.2.3.1.84.SPA verified successfully
The digital signature of the file: fxos-k8-fp2k-npu.2.3.1.84.SPA verified successfully
SSP_VERIFY_SIGN_DIR: Creating file list.
SSP_VERIFY_SIGN_DIR: Error in create file list.
SSP_VERIFY_SIGN_DIR: Removing temporary files.
SSP_VERIFY_SIGN_DIR: ERROR: Please resolve the error and try again
SSP_VERIFY_SIGN_DIR: Fri Apr 29 00:19:43 UTC 2022Filesystem Size Used Avail Use% Mounted on
tmpfs 16G 96K 16G 1% /var/volatile
Configuration Xml found is /opt/cisco/csp/applications/configs/cspCfg_cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1.xml
CSPID for App is cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1
ERROR: chkSysAltINFO: System Disk /dev/sda present. Status: Operable.
fw2130 login: /bin/ls: cannot access /opt/cisco/csp/applications/cisco-ftd.6.4.0.102__ftd_001_FCZ2447M0B83EWYEB1/app_bin/*ftd*.6.4.0.102.hconf2.sign: No such file or directory
fw2130 /ssa # show app-instance
Application Name Slot ID Admin State Operational State Running Ver
sion Startup Version Cluster Oper State
-------------------- ---------- --------------- -------------------- -----------
---- --------------- ------------------
ftd 1 Enabled Offline 6.2.3.83
6.2.3.83 Not Applicable
fw2130 /system # show version detail
MANAGER:
Boot Loader:
Firmware-Vers: 1012.0200.0213
Rommon-Vers: 1.0.12
Fpga-Vers: 2.0.00
Power-Sequencer-Vers: 2.13
Firmware-Status: OK
System:
Running-Vers: 2.3(1.84)
Platform-Vers: 6.6.1.91
Package-Vers: 6.6.1.91
Startup-Vers: 2.3(1.84)
NPU:
Running-Vers: 2.3(1.84)
Platform-Vers: 6.6.1.91
Package-Vers: 6.6.1.91
Startup-Vers: 2.3(1.84)
Service Manager:
Running-Vers: 2.3(1.84)
Platform-Vers: 2.3.1.84
Package-Vers: 6.2.3-83
Startup-Vers: 2.3(1.84)RMA, SSD, Cisco Firepower Threat Defense (FTD)
05-02-2022 01:57 AM
Yes and no.
Officially, no.
Un-officially, it can be done due to "sensitive" contents.
05-02-2022 05:08 AM
you can discuss with TAC engineer about this and come to conclusion
05-02-2022 03:50 PM
@Kasun Bandara wrote:
you can discuss with TAC engineer about this and come to conclusion
No need.
"Classified" network operators do this all the time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide