01-30-2023 02:08 AM
Hi All,
We are planning to upgrade our FMC and the FTDs managed by the same FMC to the better version which is stable.
Currently we are running the below in the FMC.
Cisco Firepower Extensible Operating System (FX-OS) v2.11.1 (build 154)
Cisco Firepower Management Center for VMware v7.1.0 (build 90)
What is the best version to move to and the upgrade path i dont find any link to check the upgrade path for the FMC nor FTD. Please share it and also share the link to download the best version for FMC installed in the VMware.
Regards,
Sanjay S
Solved! Go to Solution.
01-30-2023 05:01 AM - edited 01-30-2023 05:07 AM
+1 recommending 7.2.2. I have several customers' FMCs running that release without any problems.
As long as you don't have any managed devices running anything older than 6.6 and the FMC itself isn't one of the old end of sales hardware appliances (FMC 1000, FMC 2000 etc.), it works fine.
01-30-2023 02:23 AM - edited 01-30-2023 02:27 AM
@ssan239 well 7.0.5 is the current gold star (recommended) version from Cisco. 7.3 is the latest version, I would not yet uggrade to that version. So if you want to upgrade that leaves 7.2 - https://software.cisco.com/download/home/286259687/type/286271056/release/7.2.2
Upgrade guides - https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/upgrade/management-center/720/upgrade-management-center-72.html
01-30-2023 02:30 AM
I am with Rob here. 7.2 is a Long-Term support release that will be supported for quite some time. And has a lot of improvements for Monitoring on the FMC. If your FTDs are still on an earlier release, I would typically keep them on the suggested 7.0.x instead of also updating them to 7.2. Having the FMC on 7.2 and the FTDs on 7.0 is perfectly fine.
01-30-2023 02:30 AM
Upgrade paths are available in the software version release notes. You can find this either by Googling it or going to the Cisco download page and mouse over the software version you want to download and click on release notes.
We are running version 7.2.2 at many of our clients and have not had any issues with this version. Granted, just because we are not experiencing any issues doesn't mean others are not experiencing issues. But from my experience with version 7.2.2 I can recommend this version. Just remember to upgrade the FMC before upgrading the FTDs. You can upgrade directly to 7.2.x from 7.1.x. If your FTDs are 4100 series then be sure to check the FXOS requirements before upgrade as this would need to be upgraded before FTD upgrade.
01-30-2023 11:52 PM
Thank you very much for your explanation on this. Will go ahead with 7.2.2 from v7.1.0.
Will upgrade the FTDs also to the same version 7.2.2.
01-30-2023 05:01 AM - edited 01-30-2023 05:07 AM
+1 recommending 7.2.2. I have several customers' FMCs running that release without any problems.
As long as you don't have any managed devices running anything older than 6.6 and the FMC itself isn't one of the old end of sales hardware appliances (FMC 1000, FMC 2000 etc.), it works fine.
03-06-2023 01:41 AM
03-06-2023 01:45 AM
@ssan239 yes that is the correct upgrade package for FMCv 7.2.2
03-06-2023 03:23 AM
@ssan239, as @Rob Ingram mentioned, yes that's the 7.2.2 package you would need.
However, 7.2.3 was released last month. So Cisco_Secure_FW_Mgmt_Center_Upgrade-7.2.3-77.sh.REL.tar would be suggested instead.
03-14-2023 01:04 PM
Thank you Marvin.
I dont see any guide to upgrade using CLI. Please share if any links to upgrade using CLI.
03-14-2023 01:09 PM
@ssan239 the Cisco guide only covers upgrades via GUI not CLI, suggest you follow this straight forward procedure - https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/upgrade/management-center/720/upgrade-management-center-72/upgrade-mgmt-center.html
03-24-2023 04:22 AM
Thank you Rob it was helpful.
I faced some database issues with the FMC. Rebuild the database and now upgraded to 7.2.3 successfully.
Now planning to upgrade the FTDs to the same version. Downloaded the below image but getting the warning as below.
Cisco_FTD_Upgrade-7.2.3-77.sh.REL.tar - Image downloaded(Is this the correct image at all?)
Getting the Warning as:
No valid appliances available for Cisco FTD Upgrade 7.2.3-77
This update is intended for software versions greater than or equal to 6.6.0 and less than 7.2.3-77
Is there any other package that i need to download?
Regards,
Sanjay S
03-24-2023 06:03 AM
@ssan239 every hardware type (Firepower 1000, 2100, 3100, 4100 and 9300 series plus FTDv) has a different applicable upgrade image.
The respective images are found on each product's download page at software.cisco.com You can start at this page and drill down to your hardware's available images:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide