Old version of FTD is good when it is added to the new version FMC

NguyenNgocBa · ‎12-15-2022

Currently I have 1 Asa 5525-x hardware using Cisco Fire Linux OS v6.2.2 (build 11).
Cisco ASA5525-X Threat Defense v6.2.2.5 (build 57)
- Before that I used the FMC version of Cisco Firepower Management Center for VMWare
Serial Number None
Software Version 6.2.2.5 (build 57), but currently I am planning to upgrade my FMC version to version 6.6.7 by I will clone on Exsi and I will proceed to upgrade the clone to to version 6.6.7 as my intention, after upgrading the clone, I intend to turn off the old FMC version and proceed to replace the new FMC version in the future.
- I don't know if that's considered a workaround, I'm not sure if the old FTD 6.2.25 part is really compatible with the new FMC 6.6.7 version or I have to upgrade the whole part. FTD to version equal to FMC
- I'm not sure it will succeed because during the upgrade from version 6.4 to 6.5 I was notified that I had to upgrade the FTD version to a higher version to avoid errors, I solved it by removing FTD from the clone and it allowed the upgrade
- Last time I want to ask if the high FMC version really supports the hardware with lower version or it is best to upgrade both of them.

Milos_Jovanovic · ‎12-15-2022

Hi @NguyenNgocBa,

Pay attention to required HW resources, when upgrading. Older releases required less HW resources, but it is required to increase it now. You can see reference here.

From v6.6.x, oldest FTD you can manage is 6.2.3, as you can see in compatibility matrix.

If you want to do hitless upgrade, then you'll need to do upgrades of both FMC and FTD(s), one at a time, to specific intermediate releases, and as per compatibility matrix.

Kind regards,

Milos