Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1535
Views
41
Helpful
16
Replies

FMC/FTD Upgrade matrix question

Go to solution
benolyndav
Level 4
Level 4

‎02-17-2023 01:45 AM

Hi

see image below

I was planning on upgrading to 7.05 which looks now to be cisco reccomended version, but after double checking the matrix it seems that thats not an option as if I upgrade FMC to 7.05 it wont be able to manage the FTD's, version 7.2 looks to be the the first step, is this correct/ accurate.??

also not sure why the FMC isnt downloading the lates versions for the FTD's its downloading the lates FMC version, these devices are all in the same group for external access to cisco sites.? any idea

Thanks

 

benolyndav_0-1676626846560.png

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP
In response to benolyndav

‎02-17-2023 07:31 AM

Correct

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

16 Replies 16

Go to solution
Karsten Iwen
VIP
VIP

‎02-17-2023 01:53 AM

If your FMC is running 7.0 you can manage FTDs versions 7.0 down to 6.4. So your 6.6 firewalls are included.

Go to solution
Marius Gunnerud
VIP
VIP

‎02-17-2023 04:17 AM

What that means is that the Oldest version you can manage with FMC 7.0.x is 6.4.  Meaning you can manage 6.4.x, 6.5.x, 6.6.x, 6.7, 7.0.x.  You CANNOT mannage 6.3 with FMC 7.0.x

The same goes for 7.2.x.  You can manage any FTD running a version between 6.6.x and 7.2.x, but you will not be able to manage 6.5 and older.

--
Please remember to select a correct answer and rate helpful posts

Go to solution
benolyndav
Level 4
Level 4
In response to Marius Gunnerud

‎02-17-2023 04:26 AM

Hi

YesI understand that but what I'm asking is I cant upgrade to 7.0.5 like I was planning because based on the matrix I could only go to 7.02 so FMC can still manage the FTD's.??
Thanks

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to benolyndav

‎02-17-2023 04:29 AM

Where do you see this stated? And yes, you will still be able to manage these older devices.

0 Helpful

Go to solution
benolyndav
Level 4
Level 4
In response to Karsten Iwen

‎02-17-2023 05:57 AM

Hi

its staed here on the screen shot of the matrix in my original post, I can only go to version 7.0.2 because the FTD;s are on 6.6.x so the matris states that when the manager is on 7.02 the oldest device it can manage is 6.6.x, hence why i cant go to 7.03, 7.04, 7.05, because according to the matrix the manager wouldnt be able to manage the FTD on version 6.6.x
thanks

 

benolyndav_0-1676641993069.png

 

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP
In response to benolyndav

‎02-17-2023 06:11 AM

There is no 7.0.2 in the screenshot. The matrix lists major versions. And your conclusion is wrong.

Go to solution
benolyndav
Level 4
Level 4
In response to Karsten Iwen

‎02-17-2023 06:24 AM

Hi

This why I am asking the experts I'm unsure, so on the cisco software page its 7.0.x, so does for instance 7.02 on the software page correlate to 7.2 on the matrix.

Thanks

 

benolyndav_2-1676643748211.png

 

 

 

 

 

 



0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to benolyndav

‎02-17-2023 06:33 AM

7.0.2 and 7.2.x are different versions altogether. The compatibility matrix only list major releases (7.0, 7.1, 7.2 etc). Minor releases (i.e., 7.0.4) are covered by the guidance issued for the parent major release (i.e., 7.0).

The "download updates" feature in FMC will only detect minor updates and patches. Major updates need to be uploaded manually. (This changes in 7.3 and later.)

Go to solution
benolyndav
Level 4
Level 4
In response to Marvin Rhoads

‎02-17-2023 06:46 AM

Ah ha got you

So can I upgrade from 6.6.5 directly to 7.2 then, there used to be another matrix saying what you could upgrade to I cant find this now.

Thanks

0 Helpful

Go to solution
benolyndav
Level 4
Level 4
In response to Marvin Rhoads

‎02-17-2023 07:18 AM

Hi
Is this saying that FMC 1000 cant upgrade past 7.0  version ???

benolyndav_0-1676647024235.png

 

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP
In response to benolyndav

‎02-17-2023 07:31 AM

Correct

--
Please remember to select a correct answer and rate helpful posts

Go to solution
Marius Gunnerud
VIP
VIP
In response to benolyndav

‎02-17-2023 06:35 AM

7.0.2 is not the same as 7.2.  If you are only seeing 7.0.2 it means you do not have entitlement to any of the other software versions at the moment.

--
Please remember to select a correct answer and rate helpful posts

Go to solution
Marius Gunnerud
VIP
VIP
In response to benolyndav

‎02-17-2023 06:16 AM

Your screenshot is not indicating anything other than that you are able to manage a FTD 6.6.x version with a FMC 7.2.x.

We have deployments running 7.2 managing 6.6.  So your understanding of the Compatibility matrix is incorrect.

Here is the compatibility guide for your reference.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/compatibility/management-center-compatibility.html

 

--
Please remember to select a correct answer and rate helpful posts

Go to solution
benolyndav
Level 4
Level 4
In response to Marius Gunnerud

‎02-17-2023 06:30 AM - edited ‎02-17-2023 06:31 AM

Hi 

Yes I understand that but my question originally was it looks like if I upgrade the FMC past 7.2 it wont be able to manage the FTD's based on the matrix, the matrix says the oldest device 7.3 can manage is 6.7, we are running 6.6 on the FTD.
Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card