Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
314
Views
2
Helpful
5
Replies

FMC 7.4 and multi-instance FPR3130 chassis upgrades

andrew.butterworth
Level 7
Level 7

‎06-20-2025 07:10 AM - edited ‎06-20-2025 08:27 AM

We are in the process of deploying some multi-instance FPR3130 pairs.  The FPR3130's were supplied with 7.2.8-25 so we manually upgraded them to 7.4.2-172 and then onboarded them into the FMCv where we then converted them to multi-instance.  We then upgraded the FMCv to 7.4.2.2-28 and proceeded to upgrade the FPR3130 chassis to 7.4.2.2-28 and then the instances to the same version.

7.4.2.3-4 recently popped up on CCO for the FMC and the FPR3100 series, so I'm looking to upgrade before any of this goes live.  I upgraded the FMCv easily and I'm now looking at upgrading the 4 x chassis.  The software is downloaded to the FMC.  If I go to Devices, Upgrade, Chassis Upgrade, it shows '4 devices and 8 clusters/HA pairs are not candidates to add to your upgrade list' in the Device Selection panel, and in the right panel showing the chassis and instances, it shows each chassis with version 7.4.2.2-28 and the Details saying 'Already running target version or later'

If I go to Devices, Upgrade, Threat Defence Upgrade, it shows '8 clusters/HA pairs are candidates to add to your upgrade list' and '4 devices are not candidates to add to your upgrade list'.  So it looks like I can upgrade the instances, but not the chassis.  Is this a bug or by design?  I can't see anything in the release notes relating to this.

 

0 Helpful
5 Replies 5

andrew.butterworth
Level 7
Level 7

‎06-30-2025 10:41 AM

So, I'm guessing that the firmware (1.4.102) and FXOS version (2.14(1.187)) in 7.4.2.2 and 7.4.2.3 are the same so there isn't an upgrade to perform for the chassis.  The FTD instances each upgraded OK to the new version.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to andrew.butterworth

‎07-01-2025 08:59 AM

Correct. Where there is a firmware or FXOS image update, the 3100 series bundles it with the FTD update.

You can see the bundled FXOS images in this table: https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/compatibility/threat-defense-compatibility.html#id_67425

balaji.bandi
Hall of Fame
Hall of Fame

‎07-01-2025 09:54 AM

For me First FXOS upgrade then FTD upgrade

Also make sure FMC is compatible and upgraded first.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

andrew.butterworth
Level 7
Level 7
In response to balaji.bandi

‎07-01-2025 10:10 AM

Yes, if it was FPR4100/9300 series.  The FPR3100 series doesn't have separate FXOS & FTD upgrades, its a combined package that contains firmware, FXOS and the FTD image.  Based on Marvin's reply and the link he posted, Threat Defence 7.4.2.2 and 7.4.2.3 for 1000/2100, 1200 and 3100/4200 series contain the same FXOS (2.14.1.187), so everything is as it should be.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to andrew.butterworth

‎07-01-2025 11:49 PM

Apologies i missed that bit of FTD31XXX you right that is bundle one, also 7.4.1 they support Multi instance - not tried.

i am going to follow this guide and check this week my upgrade to 7.4.2 or higher for my 3100 models

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/upgrade/management-center/740/upgrade-management-center-741/upgrade-chassis.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card