cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1066
Views
23
Helpful
12
Replies

FMCv upgrade path from v7.1.0

ssan239
Level 1
Level 1

Hi All,

We are planning to upgrade our FMC and the FTDs managed by the same FMC to the better version which is stable.

Currently we are running the below in the FMC.

Cisco Firepower Extensible Operating System (FX-OS) v2.11.1 (build 154)
Cisco Firepower Management Center for VMware v7.1.0 (build 90)

What is the best version to move to and the upgrade path i dont find any link to check the upgrade path for the FMC nor FTD. Please share it and also share the link to download the best version for FMC installed in the VMware.

Regards,

Sanjay S

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

+1 recommending 7.2.2. I have several customers' FMCs running that release without any problems.

As long as you don't have any managed devices running anything older than 6.6 and the FMC itself isn't one of the old end of sales hardware appliances (FMC 1000, FMC 2000 etc.), it works fine.

View solution in original post

12 Replies 12

@ssan239 well 7.0.5 is the current gold star (recommended) version from Cisco. 7.3 is the latest version, I would not yet uggrade to that version. So if you want to upgrade that leaves 7.2 - https://software.cisco.com/download/home/286259687/type/286271056/release/7.2.2

Upgrade guides - https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/upgrade/management-center/720/upgrade-management-center-72.html

 

 

 

I am with Rob here. 7.2 is a Long-Term support release that will be supported for quite some time. And has a lot of improvements for Monitoring on the FMC. If your FTDs are still on an earlier release, I would typically keep them on the suggested 7.0.x instead of also updating them to 7.2. Having the FMC on 7.2 and the FTDs on 7.0 is perfectly fine.

Upgrade paths are available in the software version release notes.  You can find this either by Googling it or going to the Cisco download page and mouse over the software version you want to download and click on release notes.

We are running version 7.2.2 at many of our clients and have not had any issues with this version.  Granted, just because we are not experiencing any issues doesn't mean others are not experiencing issues.  But from my experience with version 7.2.2 I can recommend this version.  Just remember to upgrade the FMC before upgrading the FTDs.  You can upgrade directly to 7.2.x from 7.1.x.  If your FTDs are 4100 series then be sure to check the FXOS requirements before upgrade as this would need to be upgraded before FTD upgrade.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/release-notes/threat-defense/720/threat-defense-release-notes-72/upgrade.html

 

--
Please remember to select a correct answer and rate helpful posts

Thank you very much for your explanation on this. Will go ahead with 7.2.2 from v7.1.0.

Will upgrade the FTDs also to the same version 7.2.2.

Marvin Rhoads
Hall of Fame
Hall of Fame

+1 recommending 7.2.2. I have several customers' FMCs running that release without any problems.

As long as you don't have any managed devices running anything older than 6.6 and the FMC itself isn't one of the old end of sales hardware appliances (FMC 1000, FMC 2000 etc.), it works fine.

Thank you Marvin for all your inputs on this.

One Last question is the attached one we need to download for the Virtual FMC?

Regards,

Sanjay S

@ssan239 yes that is the correct upgrade package for FMCv 7.2.2

@ssan239, as @Rob Ingram mentioned, yes that's the 7.2.2 package you would need.

However, 7.2.3 was released last month. So Cisco_Secure_FW_Mgmt_Center_Upgrade-7.2.3-77.sh.REL.tar would be suggested instead.

Thank you Marvin.

I dont see any guide to upgrade using CLI. Please share  if any links to upgrade using CLI.

Thank you Rob it was helpful.

I faced some database issues with the FMC. Rebuild the database and now upgraded to 7.2.3 successfully.

Now planning to upgrade the FTDs to the same version. Downloaded the below image but getting the warning as below.

Cisco_FTD_Upgrade-7.2.3-77.sh.REL.tar - Image downloaded(Is this the correct image at all?)

Getting the Warning as:

Info

No valid appliances available for Cisco FTD Upgrade 7.2.3-77


This update is intended for software versions greater than or equal to 6.6.0 and less than 7.2.3-77

Is there any other package that i need to download?

Regards,

Sanjay S

@ssan239 every hardware type (Firepower 1000, 2100, 3100, 4100 and 9300 series plus FTDv) has a different applicable upgrade image.

The respective images are found on each product's download page at software.cisco.com You can start at this page and drill down to your hardware's available images:

https://software.cisco.com/download/home/278875273

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: