Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
751
Views
5
Helpful
4
Replies

FPR 1120 reimage problem

Go to solution
lmoceze
Level 1
Level 1

‎11-29-2024 06:22 AM

Hey there,

I try to reimage my FPR 1120 box from 6.x to 7.2.5, however I am facing the following problem:

xxx> show version 
----------------------[ xxx ]-----------------------
Model : Cisco Firepower 1120 Threat Defense (78) Version 6.4.0 (Build 102)
(...)
xxx(local-mgmt)# format everything 
All configuration and bootable images will be lost.
Do you still want to format? (yes/no):yes
(...)
rommon 13 > tftp -b
(...)
Ethernet init success 
Enable boot bundle: tftp_reqsize = 268435456
(...)
IMAGE: cisco-ftd-fp1k.7.2.5-208.SPA

link up
Receiving cisco-ftd-fp1k.7.2.5-208.SPA from (...) !!!
Overall timeout.

File reception completed.
Boot buffer bigbuf=640ff498
Boot image size = 199115728 (0xbde43d0) bytes
[image size] 199115728
(...)
Failed to validate digital signature in Primary key Storage !!
Failed to validate digital signature in Backup key Storage !!
+-------------------------------------------------------------------+
+------------------------- FAILURE ---------------------------------+
+-------------------------------------------------------------------+
| |
| LFBFF signature authentication failed !!! |
| |
+-------------------------------------------------------------------+

Incorrect installer image for this platform !!

Failed to Free memory block at address 0x00000000640ff498

(...) means that I cut some parts of the output.

However the Incorrect installer image for this platform !! seems to be a pretty straight forward message, as I understood, the SPA is the fresh install package, not the ral.tar. So im not sure what Im missing here.
Did anyone faced this issue too?

Thanks a lot!

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lmoceze
Level 1
Level 1
In response to lmoceze

‎12-02-2024 04:12 AM

Hello All,
The problem was that more than 0 packets got lost during transit, so the image was incorrect.
Moral of the story: use USB or dont put your life on TFTP + Internet

View solution in original post

4 Replies 4

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎11-30-2024 03:32 AM

 

 - Ref : https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/release-notes/threat-defense/720/threat-defense-release-notes-72.html#r_ftd-upgrade-path
           Check Table 17.  it looks like you can not go directly from 6.4 to 7.2.5 , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
lmoceze
Level 1
Level 1
In response to marce1000

‎12-02-2024 12:33 AM

Hi M.!
Thanks for the reply!
However, I have did:

xxx(local-mgmt)# format everything 
All configuration and bootable images will be lost.
Do you still want to format? (yes/no):yes

 As of my understanding, it should be an "empty" box, does the upgrade path still matters?
Thanks a lot!

0 Helpful

Go to solution
lmoceze
Level 1
Level 1

‎12-02-2024 01:24 AM

Hey there,
It turns out that the MD5 of the image on the Cisco site and the MD5 of the image copied is not the same (probably got lost on the way due to TFTP copy + internet)  so I think that is the reason. I will do it another way, will keep you posted.

Go to solution
lmoceze
Level 1
Level 1
In response to lmoceze

‎12-02-2024 04:12 AM

Hello All,
The problem was that more than 0 packets got lost during transit, so the image was incorrect.
Moral of the story: use USB or dont put your life on TFTP + Internet

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card