Thanks for the reply. I was reading that and maybe I don't understand it correctly. Do I need to install a newer version of ASDM before I can copy the ASA image over?

I added asdm-7191-95.bin to the firewall and was able to successfully get into the firewall from ASDM. I even tried transferring the file using ASDM and it failed there as well. The current firmware on the ASA is 9.10(1)

Cisco Adaptive Security Appliance Software Version 9.10(1)
Firepower Extensible Operating System Version 2.4(1.103)
Device Manager Version 7.10(1)

Compiled on Wed 24-Oct-18 17:07 PDT by builders
System image file is "disk0:/mnt/boot/installables/switch/fxos-k8-fp2k-npu.2.4.1 .103.SPA"
Config file at boot was "startup-config"

columbia-asa up 161 days 17 hours
failover cluster up 161 days 17 hours

Hardware: FPR-2140, 14822 MB RAM, CPU MIPS 1800 MHz, 1 CPU (16 cores)

1: Int: Internal-Data0/1 : address is 000f.b748.4800, irq 0
3: Ext: Management1/1 : address is e8d3.225a.3a81, irq 0
4: Int: Internal-Data1/1 : address is 0000.0100.0001, irq 0
5: Int: Internal-Data1/2 : address is 0000.0000.0000, irq 0

License mode: Smart Licensing

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 2
Carrier : Disabled
AnyConnect Premium Peers : 10000
AnyConnect Essentials : Disabled
Other VPN Peers : 10000
Total VPN Peers : 10000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 10000
Cluster : Disabled

Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 4
Carrier : Disabled
AnyConnect Premium Peers : 10000
AnyConnect Essentials : Disabled
Other VPN Peers : 10000
Total VPN Peers : 10000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 10000
Cluster : Disabled

Maybe I'm just doing this wrong. Not a FirePower SME by any means. Do I have to update this file - fxos-k8-fp2k-npu.2.4.1 .103.SPA? Wonder if the ASA image is included in the latest package for that?

Also, I was able to successfully push this image to our FP1150's running ASA mode at another site and finished the upgrade for those yesterday. So just having issues on the 2140's

Yes, sorry for not being clear. Same version for both firewall platforms but different files:

FPR-1150: cisco-asa-fp1k.9.18.4.22.SPA worked without issue

FPR-2140: cisco-asa-fp2k.9.18.4.22.SPA - does not allow me to copy over to the ASA

Yeah, I have had a similar issue where the file did not download correctly and the hash did not match, so the system would not install it.

you can check the hash of the file in windows and compare it to the hash on cisco's site. If it doesn't match try to download it again and re-check.

in windows pull up a command prompt and this is the command. change <file> with the filename. just be in the folder the file is in.

certutil -hashfile <file> MD5

PS C:\Users\Administrator\Desktop> certutil -hashfile .\cisco-asa-fp2k.9.18.4.22.spa MD5
MD5 hash of .\cisco-asa-fp2k.9.18.4.22.spa:
9ba8d793ef1e3dbdfef3f0bb60a08ab5
CertUtil: -hashfile command completed successfully.

This looks like it matches what is on Cisco's website for this image -