cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5024
Views
19
Helpful
5
Replies

Unable to upgrade FTD from 6.4 to 7.0.1 because Snort version

paynewj
Level 1
Level 1

I'm attempting to upgrade our Cisco Firepower 2110 appliance to FTD v7.0.1 (we're currently running FTD 6.4.0.9)

 

When I run the Readiness Check, it fails and points me to a log that has the following message:

 

Tailing /ngfw/var/log/sf/Cisco_FTD_SSP_FP2K_Upgrade-7.0.1/upgrade_readiness/upgrade_readiness.log ...
****************** FAILURE SCRIPT: 1 ***********************************
[211202 16:44:53:561]
SCRIPT NAME: 200_pre/006_check_snort.sh
RECOVERY MESSAGE: Snort minimum version required for upgrade: 2.9.18. Device is running: 2.9.14.9. Deploy configurations to the device and try again.

 

I downloaded the latest Snort rule version (2021-12-01-001-vrt) and I redeployed to the appliance, but I get the same error. After deploying the updated rules I saw that the Snort version was still 2.9.14 (Build 15906 - daq9). I haven't been able to find any documentation on how to update the Snort version. 

 

Any help is greatly appreciated. 

 

 

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

6.4.0.9 to 7.0.1 is confirmed as a supported direct upgrade path:

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/upgrade.html#Cisco_Reference.dita_581de4ac-7110-4633-bb1e-8369b85b3181

Since it is and you have done the obvious remediation step of ensuring you have current SRU, it looks like you may be hitting some sort of bug. I would suggest opening a TAC case to get it sorted out.

View solution in original post

5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

6.4.0.9 to 7.0.1 is confirmed as a supported direct upgrade path:

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/upgrade.html#Cisco_Reference.dita_581de4ac-7110-4633-bb1e-8369b85b3181

Since it is and you have done the obvious remediation step of ensuring you have current SRU, it looks like you may be hitting some sort of bug. I would suggest opening a TAC case to get it sorted out.

Thanks for the reply, Marvin. I thought that might be the issue. A TAC case has been opened.

Hi,

 

Would you please send the result here.

I saw same errors.

 

Best Regards.

serdar.nazli
Level 1
Level 1

I had the same problem too. But I realized that I didn't deploy after upgrading the FMC to 7.0.1. I deployed upgraded version to the FTDs then tried to upgrade the FTDs. They works!

Thanks for the reply, this was my issue to the T!

Review Cisco Networking for a $25 gift card