FMC FTD 7.2 2100 series ?

ida71 · ‎08-03-2022

Anyone installed this yet on 2100 series FTD's in a production environment ?

We have experience a bug in our current version, that TAC is advising us to update to this latest version, which they claim has fixes in place for it.

I had similar bug in 7.0, 7.0.1, 7.1 which they claimed was fixed, but wasn't, so I had to downgrade the FTD's which is a right royal pain in the ass, so not feeling like playing guinea pig this time around.

Any feedback appreciated.

Marius Gunnerud · ‎08-03-2022

We have also hit a few bugs in the 7.0.1 train. We have recently upgraded to 7.0.2.1 which seems to be more stable. I am usually very cautious about upgrading to the latest and greatest release. I usually wait for a few maintenance releases before upgrading, but with this CI/CD mentality to keep up with the competition you never know if there are any new bugs or re-introduced bugs in the new releases.

--
Please remember to select a correct answer and rate helpful posts

marce1000 · ‎08-03-2022

>...We have experience a bug in our current version,

- If you describe the bug (too), then you get the benefit of people sharing their experiences (if any) on the particular bug and or pointing to resolving software versions or not (for example)

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ida71 · ‎08-03-2022

The Bug was on v6.6.4-59 which we downgraded to to escape the v7 nightmare. v7 never should have been Gold Star release, as way to many traffic killing bugs on 2100 series FTD's & the FMC was not to clever either on FMC-1600 appliance, kept consuming memory & needed rebooting very 2 weeks Grrrr

TAC reports latest bug as https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47737 which has 5 reported cases. Just my luck.

So still looking for feedback from people with FMC & FTD-2100 series appliances upgraded to v7.2 & if they have any issues ?

When I upgraded to v7.0.1 as Gold Star everything was fine for 2 weeks, then approx every 10-14 days traffic through the sensor would stop due to a Snort Bug, which depleted memory blocks. TAC advised upgrade revert to Snort2, same issue, then to v7.1 on which Snort3 would just crash the box, revert to Snort2 & still had failures every 10-14 days. So you may appreciate my reluctance to dive into their new advise.

Marvin Rhoads · ‎08-03-2022

I've not upgraded any of my production customers to 7.2 on their devices yet (a few FMCs, yes).

Currently 7.0.4 is shortlisted for the next suggested release (after 7.0.1) before moving the star to 7.2.x

ida71 · ‎08-03-2022

Thanks Marvin, How is the FMC behaving on 7.2 ? Are those virtual or appliances or both ?

Marvin Rhoads · ‎08-04-2022

The production FMCs I have upgraded have been two FMCv and one FMC 2600 hardware appliance. No issues with either type so far.

ida71 · ‎08-04-2022

Thanks Marvin, I'll schedule in an FMC upgrade to v7.2 in the next couple of weeks & see how that goes. FMC is currently on v7.1 & works OK, but when the FTD's were on v7.1 it needed to be rebooted every 2 weeks, has been fine since FTD's were reverted to v6.6.4.

ida71 · ‎08-15-2022

FMC now running v7.2 with no apparent issues, but I noticed a patch has been made available so will look into that.