Upgrade request on FPR4K-SM-12

arumugasamy · ‎05-21-2023

Team

Thank you all for your support.

Here I need your quick help to solve the upgrade issue. I need to upgrade the FPR4K-SM-12 to the latest release but so far I have no expertise on this FPR4K-SM-12 product. Can anyone support me with your expertise? I like to have the Upgrade Guide and step-by-step procedures.

pri/act# sh version

Cisco Adaptive Security Appliance Software Version 9.9(2) <system> Firepower Extensible Operating System Version 2.3(1.77) Device Manager Version 7.9(2)

Compiled on Sun 25-Mar-18 17:49 PDT by builders System image file is "disk0:/fxos-lfbff-k8.2.3.1.77.SPA"
Config file at boot was "startup-config"

FW-01 up 3 years 101 days
failover cluster up 3 years 101 days

SSP Slot Number: 1

Hardware: FPR4K-SM-12, 57675 MB RAM, CPU Xeon E5 series 2194 MHz, 1 CPU (24 cores)

Encryption hardware device : Cisco FP Crypto on-board accelerator (revision 0x1)
Boot microcode : CN35x-MC-Boot-0001
SSL/IKE microcode : CNN35x-MC-SSL-0014
IPSec microcode : CNN35x-MC-IPSEC-0005
Number of accelerators: 1

4099: Int: Internal-Data0/0 : address is 0015.a500.00bf, irq 11
4101: Int: Internal-Data0/1 : address is 0015.a500.011f, irq 10
4102: Int: Internal-Data0/2 : address is 0000.0001.0003, irq 0

License mode: Smart Licensing

Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 10
Carrier : Disabled
AnyConnect Premium Peers : 10000
AnyConnect Essentials : Disabled
Other VPN Peers : 10000
Total VPN Peers : 10000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 10000
Cluster : Enabled

Failover cluster licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 1024
Inside Hosts : Unlimited
Failover : Active/Active
Encryption-DES : Enabled
Encryption-3DES-AES : Enabled
Security Contexts : 20
Carrier : Disabled
AnyConnect Premium Peers : 10000
AnyConnect Essentials : Disabled
Other VPN Peers : 10000
Total VPN Peers : 10000
AnyConnect for Mobile : Enabled
AnyConnect for Cisco VPN Phone : Enabled
Advanced Endpoint Assessment : Enabled
Shared License : Disabled
Total TLS Proxy Sessions : 10000
Cluster : Enabled

Rob Ingram · ‎05-21-2023

@arumugasamy upgrade guide for 4100 running ASA software. https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/firepower-4100-9300.html

On 4100/9300 hardware the FXOS fimware must be upgraded separately. FXOS compatibilty guide - https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/compatibility/fxos-compatibility.html

Depending on what features you are running on the ASA such as VPN, be aware that weaker crypto has been depreciated, you may need to change your crypto settings to use stronger ciphers.

arumugasamy · ‎05-21-2023

Thank you so much for your support. It is running in HA Act/Standby

Sheraz.Salim · ‎05-21-2023

Rob have give your the right direction and provided all the required link. In order to upgrade the FPR4K-SM-12 you need to upgrade the standby unit first once upgrade is completed on the standby make it active and start working on the other unit.

please do not forget to rate.

MHM Cisco World · ‎05-21-2023

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200896-Upgrading-an-FTD-HA-pair-on-Firepower-ap.html

check this link