cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1491
Views
20
Helpful
9
Replies

steps to convert 4112 to FTD

Dhikra Marghli
Level 5
Level 5

Hello

 

i have FW 4112 CISCO  and have a version  show version
Version: 2.8(1.129)
Startup-Vers: 2.8(1.129)  and i want to convert FTD ?

 

FPR-4112-LAN-CNBB /system # show firmware monitor
FPRM:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

Fabric Interconnect A:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

Chassis 1:
Server 1:
Package-Vers: 2.8(1.129)
Upgrade-Status: Ready

 

i need the steps how convert 4112 to FTD?

FPR-4112-LAN-CNBB /firmware # show package
Name Version
--------------------------------------------- -------
fxos-k9.2.8.1.129.SPA 2.8(1.129)

i wait a reply and answer from  expert security  cisco !!

 

Thanks

5 Accepted Solutions

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

Your version output is from the chassis manager and shows the FXOS version. A Firepower 4112 chassis can run either ASA or FTD logical devices. FTD is by far the most common and you may already be running it. To verify, log into the GUI at the same IP address using your browser via https://<system IP address>. Then look at logical devices tab.

View solution in original post

balaji.bandi
Hall of Fame
Hall of Fame

4100 is chasis of FTD, you can host multi instances with FTD and also ASA

by default it come with FTD, so login to chasis manager and check

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Milos_Jovanovic
VIP Alumni
VIP Alumni

Hi @Dhikra Marghli,

You are running FPR4100 device, which was clear from initial post. Also, as @Marvin Rhoads stated, you can run either FTD or ASA software.

I would recommend to go throung initial chassis deployment first, and after that to go for ASA deployment guide. If FTD is already deployed, you'll need to delete that instance, and to provision ASA instance instead.

Kind regards,

Milos

View solution in original post

Once you have uploaded an image (why use the old 6.6.1 version by the way?), you must create and configure a logical device that boots that image.

View solution in original post

Yes, you must create each logical device separately first using the chassis manager.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-logical-devices.html

Then, after both are built and ready you use the Firepower Device Manger (in your case) to create an HA pair.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-ha.html#task_8C9258DA5A424DADB75C535451216D39

I would highly recommend the customer reconsider not using FMC. FDM has very limited capability to configure advanced features and no capability to store events other than real-time monitoring. Also, if they choose to change later, all policy configuration must be recreated manually in FMC as there is no migration path from local (FDM) to remote (FMC) management.

View solution in original post

9 Replies 9

Dhikra Marghli
Level 5
Level 5

Please , i wait a reply from expert security ...help me how to convert fw4100 to FTD !!

thanks

 

what are the steps !!

 

Thanks

Dhikra Marghli
Level 5
Level 5

please , c urgent , some one in forum can help me !!

thanks

Marvin Rhoads
Hall of Fame
Hall of Fame

Your version output is from the chassis manager and shows the FXOS version. A Firepower 4112 chassis can run either ASA or FTD logical devices. FTD is by far the most common and you may already be running it. To verify, log into the GUI at the same IP address using your browser via https://<system IP address>. Then look at logical devices tab.

balaji.bandi
Hall of Fame
Hall of Fame

4100 is chasis of FTD, you can host multi instances with FTD and also ASA

by default it come with FTD, so login to chasis manager and check

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

you  will have a picture ...

i try to upload image but it not yet installed 

 

download image ftp://admin@10.80.6.30/cisco-ftd.6.6.1.91.SPA.csp

 

please wy FW 4112  does not installet this image ftd !! 

 

thanks

Once you have uploaded an image (why use the old 6.6.1 version by the way?), you must create and configure a logical device that boots that image.

I downlod image and then i Create an FTD as a Standalone Logical Device and deploy it.  

 my goal , i want to have HA between  FW 4112 !!

so i choose device-logical   a Standalone and i choose manage via FDM not via FMC because cutomer need managed local not via FMC !! 

it is correct my work !!!

thanks in advance

Yes, you must create each logical device separately first using the chassis manager.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-logical-devices.html

Then, after both are built and ready you use the Firepower Device Manger (in your case) to create an HA pair.

https://www.cisco.com/c/en/us/td/docs/security/firepower/730/fdm/fptd-fdm-config-guide-730/fptd-fdm-ha.html#task_8C9258DA5A424DADB75C535451216D39

I would highly recommend the customer reconsider not using FMC. FDM has very limited capability to configure advanced features and no capability to store events other than real-time monitoring. Also, if they choose to change later, all policy configuration must be recreated manually in FMC as there is no migration path from local (FDM) to remote (FMC) management.

Milos_Jovanovic
VIP Alumni
VIP Alumni

Hi @Dhikra Marghli,

You are running FPR4100 device, which was clear from initial post. Also, as @Marvin Rhoads stated, you can run either FTD or ASA software.

I would recommend to go throung initial chassis deployment first, and after that to go for ASA deployment guide. If FTD is already deployed, you'll need to delete that instance, and to provision ASA instance instead.

Kind regards,

Milos

Review Cisco Networking for a $25 gift card