05-14-2024 07:53 PM
Hi everyone,
I have a 1010 firewall that was registered with an FMC and when I rebooted the device it hit a bug CSCvy63464.
So now it is not synced with the FMC, per Cisco TAC I need to upgrade.
My question for anyone out there is, what is the best process to upgrade this FTD without the FMC?
Will it lose its configuration?
Thank you in advance any information that can be shared!
05-15-2024 12:00 AM
TAC should able to advise the steps too how to upgrade :
below guide help for you using cli : ( again make sure FMC also need to upgraded to latest version)
https://nefkens.net/upgrading-firepower1010/
Note : always take backup of FMC and FTD before upgrade taking place. and read the release notes before upgrading.
05-15-2024 07:01 AM
Fix the synchronization to FMC first. Otherwise you risk losing the device's configuration if you try an upgrade from the cli and then later try to resync to FMC.
05-15-2024 07:16 AM
Thanks everyone for the replies. I worked with TAC to try and get a workaround in place with no success. So now they are telling me I have no choice but to upgrade to get around the bug. Still waiting on a reply from TAC to see which is the recommended way to go about upgrading the FTD since it no longer syncs with the FMC.
I'm thinking I may have to wipe the device, reimage it, and then reregister with the FMC and push the policies again.
05-15-2024 09:02 AM
Can't you drop into expert mode on the 1010 and set the clock to a correct date and time?
05-16-2024 03:30 PM
TAC tried that and it still didn't fix the issue. They also ran a script and no dice. I had to reimage the firewall and added back to the FMC. Luckily the FMC still had all the Polices and I just needed to reconfigure everything under Device Management. So it wasn't too bad.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide