10-27-2020 09:07 AM
I uploaded the ISO to a SCP enabled server. When attempting to re-image the Firepower Device (8130), I put in the IP address, authorized user name for the SCP server, full path to the ISO image directory (/home/username), and password for the username.
It messages me saying that it cant' find the ISO, but when I SSH into the SCP server it's there. When I telnet to test that port 22 is open, I get a "Protocol mismatch" message. But the device and SCP can connect. Looking for some advice regarding this issue.
Thank you in advance.
10-27-2020 09:59 AM
Does your SCP server allow you to designate the home directory when you create the username? If so then you should be able to use the file name without a path from the 8130 menu. It may be failing to pass the path info to the server (or double-prepending it).
10-27-2020 10:37 AM
Hi Marvin,
When I give the path, should that include the ISO file name? The documentation says to have the full path to the ISO image directory.
10-27-2020 01:32 PM
Is the only way to load the ISO into the device for re-imaging really via downloading from a http/ftp/scp server?
10-27-2020 04:30 PM - edited 10-31-2020 09:58 AM
*****DISREGARD**********
Nope, just load the image to a USB, preferably one less than 4G-8G, and VIOLA! I had to do this because my FP2110's came with a corrupted image, TWICE.
10-27-2020 04:32 PM - edited 10-31-2020 09:57 AM
*****DISREGARD**********
Download Image from USB (not signed image, but the .SPA)
#scope firmware
/firmware# download image usbA:cisco-ftd-fp2k.6.6.0-90.SPA
Check Progress of Download
/firmware # show download-task
Download task:
File Name Protocol Server Port Userid State
--------- -------- --------------- ---------- --------------- -----
cisco-ftd-fp2k.6.6.0-90.SPA
Usb A 0 Downloading
/firmware # show download-task detail
**************Stage1**************
File Name: cisco-ftd-fp2k.6.6.0-90.SPA
Protocol: Usb A
Server:
Port: 0
Userid:
Path:
Downloaded Image Size (KB): 0
Time stamp: 2020-07-27T14:06:26.615
State: Downloading
Status:
Transfer Rate (KB/s): 0.000000
Current Task: downloading image cisco-ftd-fp2k.6.6.0-90.SPA from (FSM-STAGE:
sam:dme:FirmwareDownloaderDownload:Local)
**************Stage2**************
File Name: cisco-ftd-fp2k.6.6.0-90.SPA
Protocol: Usb A
Server:
Port: 0
Userid:
Path:
Downloaded Image Size (KB): 1106917
Time stamp: 2020-07-27T14:06:26.615
State: Downloading
Status: validating and unpacking the image
Transfer Rate (KB/s): 23551.425781
Current Task: unpacking image cisco-ftd-fp2k.6.6.0-90.SPA on primary(FSM-STA
GE:sam:dme:FirmwareDownloaderDownload:UnpackLocal)
**************Stage3**************
File Name: cisco-ftd-fp2k.6.6.0-90.SPA
Protocol: Usb A
Server:
Port: 0
Userid:
Path:
Downloaded Image Size (KB): 1106917
Time stamp: 2020-07-27T14:08:49.861
State: Downloaded
Status: Successful unpack the image
Transfer Rate (KB/s): 7740.678223
Current Task:
/firmware # show download-task
Download task:
File Name Protocol Server Port Userid State
--------- -------- --------------- ---------- --------------- -----
cisco-ftd-fp2k.6.6.0-90.SPA
Usb A 0 Downloaded
Verify Image is Packaged and Ready for Install
fp02 /firmware # show package
Name Package-Vers
--------------------------------------------- ------------
cisco-asa-fp2k.9.8.2.SPA 9.8.2
cisco-ftd-fp2k.6.2.3-83.SPA 6.2.3-83
cisco-ftd-fp2k.6.6.0-90.SPA 6.6.0-90
fxos-k9-fp2k.2.8.1.105.SPA 2.8.1.105
Install Package
/firmware # scope auto-install
/firmware/auto-install # install security-pack version 6.6.0-90
The system is currently installed with security software package 6.2.3-83, which has:
- The platform version: 2.3.1.84
- The CSP (ftd) version: 6.2.3.83
If you proceed with the upgrade 6.6.0-90, it will do the following:
- upgrade to the new platform version 2.8.1.105
- reimage the system from CSP ftd version 6.2.3.83 to the CSP ftd version 6.6.0.90
During the upgrade, the system will be reboot
Do you want to proceed ? (yes/no):yes
This operation upgrades firmware and software on Security Platform Components
Here is the checklist of things that are recommended before starting Auto-Install
(1) Review current critical/major faults
(2) Initiate a configuration backup
Attention:
If you proceed the system will be re-imaged. All existing configuration will be lost,
and the default configuration applied.
Do you want to proceed? (yes/no):yes
/firmware/auto-install # sho
Firmware Auto-Install:
Package-Vers Oper State Upgrade State
------------ ---------------------------- -------------
6.6.0-90 Scheduled Validating Images
10-28-2020 12:15 AM
@gilbert.aispuro1 your procedure works for a device running FXOS like a Firepower appliance. That option is not available on the older 3D series NGIPS appliances (7000 and 8000 series)
10-31-2020 09:57 AM
Whoops
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: