Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1486
Views
20
Helpful
9
Replies

steps to convert 4112 to FTD

Go to solution
Dhikra Marghli
Level 5
Level 5

‎12-21-2022 02:17 AM - edited ‎12-21-2022 04:03 AM

Hello

 

i have FW 4112 CISCO  and have a version  show version
Version: 2.8(1.129)
Startup-Vers: 2.8(1.129)  and i want to convert FTD ?

 

FPR-4112-LAN-CNBB /system # show firmware monitor
FPRM:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

Fabric Interconnect A:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

Chassis 1:
Server 1:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

 

i need the steps how convert 4112 to FTD?

FPR-4112-LAN-CNBB /firmware # show package
Name Version
--------------------------------------------- -------
fxos-k9.2.8.1.129.SPA 2.8(1.129)

i wait a reply and answer from  expert security  cisco !!

 

Thanks

0 Helpful
5 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2022 05:43 AM

Your version output is from the chassis manager and shows the FXOS version. A Firepower 4112 chassis can run either ASA or FTD logical devices. FTD is by far the most common and you may already be running it. To verify, log into the GUI at the same IP address using your browser via https://<system IP address>. Then look at logical devices tab.

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-21-2022 06:57 AM

4100 is chasis of FTD, you can host multi instances with FTD and also ASA

by default it come with FTD, so login to chasis manager and check

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎12-22-2022 12:09 AM

Hi @Dhikra Marghli,

You are running FPR4100 device, which was clear from initial post. Also, as @Marvin Rhoads stated, you can run either FTD or ASA software.

I would recommend to go throung initial chassis deployment first, and after that to go for ASA deployment guide. If FTD is already deployed, you'll need to delete that instance, and to provision ASA instance instead.

Kind regards,

Milos

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Dhikra Marghli

‎12-22-2022 01:13 AM

Once you have uploaded an image (why use the old 6.6.1 version by the way?), you must create and configure a logical device that boots that image.

View solution in original post

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Dhikra Marghli

‎12-22-2022 11:36 PM - edited ‎12-22-2022 11:37 PM

Yes, you must create each logical device separately first using the chassis manager.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-logical-devices.html

Then, after both are built and ready you use the Firepower Device Manger (in your case) to create an HA pair.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-ha.html#task_8C9258DA5A424DADB75C535451216D39

I would highly recommend the customer reconsider not using FMC. FDM has very limited capability to configure advanced features and no capability to store events other than real-time monitoring. Also, if they choose to change later, all policy configuration must be recreated manually in FMC as there is no migration path from local (FDM) to remote (FMC) management.

View solution in original post

9 Replies 9

Go to solution
Dhikra Marghli
Level 5
Level 5

‎12-21-2022 02:38 AM - edited ‎12-21-2022 03:36 AM

Please , i wait a reply from expert security ...help me how to convert fw4100 to FTD !!

thanks

 

what are the steps !!

 

Thanks

0 Helpful

Go to solution
Dhikra Marghli
Level 5
Level 5

‎12-21-2022 04:10 AM

please , c urgent , some one in forum can help me !!

thanks

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2022 05:43 AM

Your version output is from the chassis manager and shows the FXOS version. A Firepower 4112 chassis can run either ASA or FTD logical devices. FTD is by far the most common and you may already be running it. To verify, log into the GUI at the same IP address using your browser via https://<system IP address>. Then look at logical devices tab.

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-21-2022 06:57 AM

4100 is chasis of FTD, you can host multi instances with FTD and also ASA

by default it come with FTD, so login to chasis manager and check

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Dhikra Marghli
Level 5
Level 5
In response to balaji.bandi

‎12-21-2022 11:48 PM

you  will have a picture ...

i try to upload image but it not yet installed 

 

download image ftp://admin@10.80.6.30/cisco-ftd.6.6.1.91.SPA.csp

 

please wy FW 4112  does not installet this image ftd !! 

 

thanks

Preview file
66 KB
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Dhikra Marghli

‎12-22-2022 01:13 AM

Once you have uploaded an image (why use the old 6.6.1 version by the way?), you must create and configure a logical device that boots that image.

Go to solution
Dhikra Marghli
Level 5
Level 5
In response to Marvin Rhoads

‎12-22-2022 11:13 PM

I downlod image and then i Create an FTD as a Standalone Logical Device and deploy it.  

 my goal , i want to have HA between  FW 4112 !!

so i choose device-logical   a Standalone and i choose manage via FDM not via FMC because cutomer need managed local not via FMC !! 

it is correct my work !!!

thanks in advance

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Dhikra Marghli

‎12-22-2022 11:36 PM - edited ‎12-22-2022 11:37 PM

Yes, you must create each logical device separately first using the chassis manager.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-logical-devices.html

Then, after both are built and ready you use the Firepower Device Manger (in your case) to create an HA pair.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-ha.html#task_8C9258DA5A424DADB75C535451216D39

I would highly recommend the customer reconsider not using FMC. FDM has very limited capability to configure advanced features and no capability to store events other than real-time monitoring. Also, if they choose to change later, all policy configuration must be recreated manually in FMC as there is no migration path from local (FDM) to remote (FMC) management.

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎12-22-2022 12:09 AM

Hi @Dhikra Marghli,

You are running FPR4100 device, which was clear from initial post. Also, as @Marvin Rhoads stated, you can run either FTD or ASA software.

I would recommend to go throung initial chassis deployment first, and after that to go for ASA deployment guide. If FTD is already deployed, you'll need to delete that instance, and to provision ASA instance instead.

Kind regards,

Milos

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card