Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1762
Views
0
Helpful
4
Replies

Which SRU, VDB, GeoDB Updates for vFMC 2110s

dewey89
Level 1
Level 1

‎04-06-2020 08:42 AM

  I currently have deployments that won't complete on a vFMC cluster.  I think the updates that are not completing is from the SRU, VDB and GeoDB updates I've been trying to push.

  Everything else seems to complete all right, but when I check the "DEPLOY" option in the top right corner there's always something that hasn't deployed.

  I know things are still deploying all right because I'll make changes like changes to policies or creating a new object.  I even had to change our outside interface IP and GW and it deployed fine.

 

  I think the issue is with what kind of file I uploaded "SRU, VDB and GeoDB" for our equipment.  There are two types of files "Cisco_Firepower or just Cisco_" and "Sourcefire".

 

Which one is correct for each use?  We have a virtual vFMC and 2110 hardware running 6.4.0.7 Firepower software.  Not running ASA.

0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-06-2020 10:30 AM - edited ‎04-06-2020 10:32 AM

Is there a reason why you don't just let your FMC choose the proper updates to download and apply?

If you have to download them manually, you would use the ones whose names begin with "Cisco" since you have FMC 6.4 or later.

0 Helpful

dewey89
Level 1
Level 1
In response to Marvin Rhoads

‎04-06-2020 10:36 AM

Marvin, thanks for the reply.  Sorry I should have said we have to download our updates.  When we first installed using 6.2 it was new enough where we had to use the sourcefire.  I think it was just for the SRU, but I would have to go back and read my notes.

0 Helpful

dewey89
Level 1
Level 1
In response to Marvin Rhoads

‎04-06-2020 10:51 AM

How do you review what is not getting pushed when you run the Deploy Policies button at the top right of the screen?

  It looks like they were successful under the following.

 

The Cisco Vulnerability and Fingerprint Database Updates shows version 330.  Under the reboot column it says no for reboot.

 

Rule Updates Looks like it's running.

Geolocation Updates Looks like it's running.

 

 

  I'm assuming it's one of these as everything else has deployed correctly.  When I expand the device to be deployed to there are two items that are checked that never finish.

 

  How do you remove deployment items so that you can start over?

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to dewey89

‎04-07-2020 02:58 AM

To remove a deployment item, please open a TAC case. It involves root shell access and direct manipulation of the underlying database - something that should generally not be done without specific TAC guidance.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card