Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
523
Views
2
Helpful
3
Replies

Unable to upgrade a Firepower 1120 from rel. 7.0.1.1 to 7.0.5

Go to solution
swscco001
Level 1
Level 1

‎05-16-2023 05:49 AM

Hello everybody,

uur customer has a FMCv 7.0.5 and I have to upgrade the firewalls to 7.0.5.

I was unable to upgrade Firepower 1120 from rel. 7.0.1.1 to 7.0.5 even if
there was no pending deployment and the ReadinessCheck was successful.

I just got the information in the completed tasks "Update Install Failed"
(see attached).

Where is a log file where I can get additional infomation about the
reason for this issue?

Every hint is welcome!

Thanks a lot!



Bye
R.

Preview file
217 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-16-2023 05:56 AM

There should be a directory specific to the upgrade attempt on the target appliance. It will be in /var/log/sf/<name of upgrade version>. Look in there for a file called status.log and the failing step will be at the end of the file.

View solution in original post

3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-16-2023 05:56 AM

There should be a directory specific to the upgrade attempt on the target appliance. It will be in /var/log/sf/<name of upgrade version>. Look in there for a file called status.log and the failing step will be at the end of the file.

Go to solution
swscco001
Level 1
Level 1
In response to Marvin Rhoads

‎05-16-2023 11:51 PM

Good morning Marvin,

thanks fo your fast reply!

Unfortunately there is no directory /var/log/sf on the Firepower1120:

root@FTD-VEN-01:/home/admin# cd /var/log/sf/
sh: cd: /var/log/sf/: No such file or directory
root@FTD-VEN-01:/home/admin# ls -
ls: cannot access '-': No such file or directory
root@FTD-VEN-01:/home/admin# ls -l
total 0
root@FTD-VEN-01:/home/admin# cd /var
root@FTD-VEN-01:/var# cd log
root@FTD-VEN-01:/var/log# cd sf
sh: cd: sf: No such file or directory
root@FTD-VEN-01:/var/log# ls -l
total 915348
drwxr-xr-x 2 root root      4096 Mar  8  2022 apache2
-rw-r----- 1 root root      1172 Mar  8  2022 boot
-rw-r--r-- 1 root root     46487 Aug 16  2022 boot_1660644282
-rw-r--r-- 1 root root     46487 Dec  5 08:40 boot_1670229613
-rw-r----- 1 root root      2020 Mar  8  2022 boot~
-rw------- 1 root utmp 271745024 May 17 06:48 btmp
-rw------- 1 root utmp 400519168 Dec  5 07:16 btmp-20221205
-rw-r--r-- 1 root root     47650 Mar  8  2022 dmesg
-rw-r--r-- 1 root root      4096 May 17 06:40 faillog
drwxr-x--- 2 root www       4096 Mar  8  2022 httpd
-rw-r--r-- 1 root root    292292 May 17 06:40 lastlog
-rw-r--r-- 1 root root         0 Mar  9  2022 ngfwManager.log
-rw-r--r-- 1 root root   4333568 May 16 13:56 ngfwManagerMessages.log
-rw-r--r-- 1 root root       160 Dec  5 08:38 postinstall.log
drwxr-xr-x 2 root root      4096 Mar  8  2022 radius
drwxr-xr-x 2 root root      4096 Mar  8  2022 sa
-rw-r--r-- 1 root root      4183 Dec  5 08:43 syslogForwardHandler.log
-rw-r--r-- 1 root root         0 Mar  9  2022 umpd_stderr.log
-rw-rw-r-- 1 root utmp 103305216 May 17 06:47 wtmp
-rw-rw-r-- 1 root utmp 156262272 Dec  5 08:38 wtmp-20221205
root@FTD-VEN-01:/var/log#

Is there another directory where I can check for a log file that contains a hint about the failed upgrade?

Thanks a lot!



Bye
R.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to swscco001

‎05-17-2023 12:12 AM - edited ‎05-17-2023 12:12 AM

Sorry, on the 1000 series platform the folder is under /ngfw/var/log/sf. See the following:

 

Cisco Firepower 1120 Threat Defense v7.2.4 (build 165)

> expert
admin@firepower:~$ cd /ngfw/var/log/sf
admin@firepower:/ngfw/var/log/sf$ ls -al | grep Cisco
drwxr-xr-x 13 root root    4096 Mar  9 04:46 Cisco_FTD_SSP_FP1K_Upgrade-7.2.3
drwxr-xr-x 13 root root    4096 May  5 15:51 Cisco_FTD_SSP_FP1K_Upgrade-7.2.4
admin@firepower:/ngfw/var/log/sf$ 
admin@firepower:/ngfw/var/log/sf$ cd Cisco_FTD_SSP_FP1K_Upgrade-7.2.4
admin@firepower:/ngfw/var/log/sf/Cisco_FTD_SSP_FP1K_Upgrade-7.2.4$ tail status.log
ui: Upgrade in progress: (46% done.14 mins to reboot). Finishing the upgrade... (999_finish/999_y02_python2_pth_clean.sh)
ui: Upgrade in progress: (46% done.14 mins to reboot). Finishing the upgrade... (999_finish/999_z_must_remain_last_finalize_boot.sh)
ui: Upgrade in progress: (46% done.14 mins to reboot). Finishing the upgrade... (999_finish/999_zz_install_bundle.sh)
ui: Upgrade in progress: (46% done.14 mins to reboot). Finishing the upgrade... (999_finish/999_zzz_complete_upgrade_message.sh)
ui: Upgrade complete
ui: The system will reboot after FXOS platform upgrade completes followed by a firmware upgrade.
ui: Upgrade to 7.2.4-165 completed successfully. FTD is starting up.
ui: Upgrade completed successfully. Applications are starting.
ui: Upgrade completed with FTD started successfully
state:finished
admin@firepower:/ngfw/var/log/sf/Cisco_FTD_SSP_FP1K_Upgrade-7.2.4$

 

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card