Upgrading the FWSM software is pretty straightforward and well documented.
A user has to be careful though when upgrading from version 2.3 or earlier to 3.1 or later. He has to make sure he is running maintenance partition version 2.1.2 or later.
Check the maintenance partition
To check the version of the maintenance software follow the instructions here
Upgrade the maintenance partition, if necessary following the link.
You can upgrade the application partition from CLI as described here or from the maintenance partition as explained here.
ASDM software can be upgraded following this page .
As far as failover is concerned, the two units have to be running the same major, minor and maintenance release (ie x.y.z). During the upgrade of the pair though you may have different maintenance releases (not maintenance partition releases) (z number)
The user should always keep in mind that in a failover pair upgrade scenario, he should always upgrade and reboot the standby unit. Upgrading to a newer maintenance release can be done hitlessly in an active/standby scenario as long as the standby unit is always rebooted. In other word, one unit has to be made standby, reimaged and rebooted, and vice versa for the other unit. In an active/active case, all contexts have to be failed over to one unit and the other will have to be upgraded and rebooted and vice versa.
Upgrading the maintenance partition software can be done hitlessly by just upgrading the standby unit. Or in an active/active scenario, failing all the contexts to one unit and upgrading the maintenance partition software
In a major or minor release upgrade scenario, both units need to be rebooted with a small time difference (approximately 30secs) after they have been loaded with the new image. So a hitless upgrade is not possible.
Hi all, the best Community of the internet. I want to open a new issue to see if anybody have some experiences about next. Happen that I have a security solution installed based on two Cisco Firepower 2130 with ASA image configured as failover a...
We have recently integrated our ASA authentication with Azure Active Directly using SAML. Now users are asked to login through Microsoft web page and provide 2 factor authentication using Azure AD. Whenever a user disconnects their sessio...
"What is this 'Orbital Query Corner' thing", you ask? It's the name of an occasional series of articles, each discussing one particular point or use case for the Orbital advanced search feature that is available in Cisco Secure Endpoint starting at ...