Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1086
Views
0
Helpful
1
Replies

Query - Firepower Upgrade - Multiple ASA Model and FMC

cHrome08
Level 1
Level 1

‎10-04-2020 05:13 PM

Hi,


I have a mixture of ASA5506-x, 5515-x and 5525-x in my environment.

The 5506-x firepower version is limited to 6.2.3.16.
There ASA5515-x and 5525-x can go up to 6.4.x version.


All these devices are currently managed by a centralized FMC and I would like to upgrade the FMC to version 6.4.0.9.
Currently, I am on version 6.3.0.2.
If I were to upgrade to 6.4.0.9. will there be issues with managing my 5506-x as its more than 1 version behind?

 

Also, after upgrading the FMC to 6.4.0.9, how will the individual ASAs get the updated firepower firmware?
Will the FMC forward the image to the ASA or do I need to manually upgrade each of the ASA to 6.4.0.9?
Sorry for the noob question, but first time I am doing this and can't seem to find any video on this.
Thank you.

0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-04-2020 06:34 PM

Cisco publishes a Firepower Compatibility Matrix here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#id_103493

In it, we can see that FMC as new as the latest 6.6 can manage devices as far back as 6.2.3.

Once you have upgraded your FMC, any eligible managed devices need to have their upgrade packages added to FMC and then you must initiate the upgrade on a per-devices basis from FMC.

Note as you upgrade FMC you should redeploy policy to all managed devices after each upgrade (i.e., after the major release upgrade and after applying the latest patch). The same applies when you upgrade a given device - always redeploy after upgrading.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card