Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4113
Views
19
Helpful
5
Replies

Unable to upgrade FTD from 6.4 to 7.0.1 because Snort version

Go to solution
paynewj
Level 1
Level 1

‎12-02-2021 05:18 PM

I'm attempting to upgrade our Cisco Firepower 2110 appliance to FTD v7.0.1 (we're currently running FTD 6.4.0.9)

 

When I run the Readiness Check, it fails and points me to a log that has the following message:

 

Tailing /ngfw/var/log/sf/Cisco_FTD_SSP_FP2K_Upgrade-7.0.1/upgrade_readiness/upgrade_readiness.log ...
****************** FAILURE SCRIPT: 1 ***********************************
[211202 16:44:53:561]
SCRIPT NAME: 200_pre/006_check_snort.sh
RECOVERY MESSAGE: Snort minimum version required for upgrade: 2.9.18. Device is running: 2.9.14.9. Deploy configurations to the device and try again.

 

I downloaded the latest Snort rule version (2021-12-01-001-vrt) and I redeployed to the appliance, but I get the same error. After deploying the updated rules I saw that the Snort version was still 2.9.14 (Build 15906 - daq9). I haven't been able to find any documentation on how to update the Snort version. 

 

Any help is greatly appreciated. 

 

 

5 people had this problem
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-03-2021 12:54 AM

6.4.0.9 to 7.0.1 is confirmed as a supported direct upgrade path:

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/upgrade.html#Cisco_Reference.dita_581de4ac-7110-4633-bb1e-8369b85b3181

Since it is and you have done the obvious remediation step of ensuring you have current SRU, it looks like you may be hitting some sort of bug. I would suggest opening a TAC case to get it sorted out.

View solution in original post

5 Replies 5

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-03-2021 12:54 AM

6.4.0.9 to 7.0.1 is confirmed as a supported direct upgrade path:

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/upgrade.html#Cisco_Reference.dita_581de4ac-7110-4633-bb1e-8369b85b3181

Since it is and you have done the obvious remediation step of ensuring you have current SRU, it looks like you may be hitting some sort of bug. I would suggest opening a TAC case to get it sorted out.

Go to solution
paynewj
Level 1
Level 1
In response to Marvin Rhoads

‎12-09-2021 05:03 AM

Thanks for the reply, Marvin. I thought that might be the issue. A TAC case has been opened.

0 Helpful

Go to solution
imanv
Level 1
Level 1
In response to paynewj

‎02-20-2022 04:47 AM

Hi,

 

Would you please send the result here.

I saw same errors.

 

Best Regards.

0 Helpful

Go to solution
serdar.nazli
Level 1
Level 1

‎04-07-2022 01:02 PM

I had the same problem too. But I realized that I didn't deploy after upgrading the FMC to 7.0.1. I deployed upgraded version to the FTDs then tried to upgrade the FTDs. They works!

Go to solution
Jeff Ferrell
Level 1
Level 1
In response to serdar.nazli

‎08-10-2022 08:40 AM

Thanks for the reply, this was my issue to the T!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card