Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
606
Views
2
Helpful
4
Replies

Upgrade FTD 2140 via cli

Go to solution
atsukane
Level 1
Level 1

‎06-10-2024 01:27 PM - edited ‎06-10-2024 01:44 PM

Hi All,

We've been seeing mysterious reboots of FPR2140 running 7.2.4, so logged a TAC case.

According to TAC we were hitting the following defects.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwh10681 [bst.cloudapps.cisco.com]
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi21030 [bst.cloudapps.cisco.com]

So,  RMA was issued and we received a replacement.

However, for some reason I couldn't add the new device to FMC, it turns out that the replacement unit which came with 6.4 cannot be supported on FMC running 7.2.

Based off the compatibility matrix the oldest FTD version that FMC 7.2 can support is 6.6.  

How do we go about upgrading the FTD in this case, suppose we'd have to use cli/expert mode?

Any assistance is very much appreciated.

 

Thanks,

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ccieexpert
Spotlight
Spotlight

‎06-10-2024 04:41 PM

it may best to reimage the firewall to 7.2

https://www.cisco.com/c/en/us/support/docs/security/firepower-1000-series/220642-reimage-a-secure-firewall-threat-defense.html

you can also use FDM which the onboard local manager and upgrade from that... but it it is time consuming.. reimage the fastest and best. the reimage is much cleaner option rather than upgrades as it involves replacing files etc..

View solution in original post

4 Replies 4

Go to solution
ccieexpert
Spotlight
Spotlight

‎06-10-2024 04:41 PM

it may best to reimage the firewall to 7.2

https://www.cisco.com/c/en/us/support/docs/security/firepower-1000-series/220642-reimage-a-secure-firewall-threat-defense.html

you can also use FDM which the onboard local manager and upgrade from that... but it it is time consuming.. reimage the fastest and best. the reimage is much cleaner option rather than upgrades as it involves replacing files etc..

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-10-2024 08:25 PM

Reimage is the best choice with that unit. You could also request the TAC issue a replacement RMA to avoid the hassle for you if you didn't want to reimage. They have the ability to specify the replacement unit run something newer than 6.4 - at least 7.0 or later.

Go to solution
atsukane
Level 1
Level 1

‎06-11-2024 12:35 AM

Thank you @ccieexpert and @Marvin Rhoads .

Reimage it is then!

0 Helpful

Go to solution
atsukane
Level 1
Level 1

‎06-20-2024 01:00 AM

just reporting back to say that reimage has worked, thanks both.

also sharing a link that TAC has shared with us which includes a different way of reimaging.

Cisco FXOS Troubleshooting Guide for the Firepower 1000/2100 and Secure Firewall 3100/4200 with Threat Defense - Reimage Procedures [Cisco Secure Firewall Threat Defense] - Cisco

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card