Sfr ASA FirePOWER Not Applicable 6.0.0-1005 Mod SSM Application Name Status SSM Application Version Sfr FirePOWER Services Software Module ASA5508 JAD2008761R X with FirePOWER services, 8GE, AC, ASA5508 JAD2008761R What I like to do is SSH into the firewall and issue the following command There are other things you can look at if you’re nervous.Don’t panic: it looks like it’s crashed for hours – it’s fine.You can follow progress (to a point) from the task information popup (Once the SFR module goes down you wont see anything apart from an error, unless your version is 6.1.0 or newer (which shows a nice progress bar). Note: This is a reboot of the FirePOWER module, NOT the Firewall. When uploaded > Select your update > Install, (if the install needs a reboot accept the warning). Upload your update, (this can take a while). Once you have downloaded your update, login to the ASDM > Configuration > ASA FirePOWER Configuration > Updates > Upload Update. sh, i.e. Cisco_Network_Sensor_Patch-6.0.1-29.sh ( DON’T Email me asking for updates you need a valid Cisco support agreement tied to your Cisco CCO login.) The files you need are the ones which end in. Sometimes when you go to the downloads section at Cisco these are no-where to be found! This happens when a version gets updated, in the example above one of my steps is 6.0.1 pre installation package, this was no where to be found, so I actually used 6.0.1-29. Well that’s a lot of upgrades! You may notice that there’s some ‘pre-installation packages’. Thankfully this does not affect the firewall itself, (assuming you set the SFR to Fail Open).įirst task is to find out what the latest version is, at time of writing thats 6.2.2, open the release notes for that version and locate the upgrade path, it looks like this So Instead of imaging it I decided to upgrade it, this takes a LOOOOOOOONG TIME! (4-6 hours per upgrade) and you cannot simply upgrade straight to the latest version. This week I had an existing customer, who has an ASA5508-X but wasn’t using his FirePOWER, I’d installed the controller licence when I set it up originally, (as a safe guard in case the licence got lost, which nearly always happens!) The firewall was pretty much up to date but the SFR was running 5.4.0 (at time of writing we are at 6.2.2). How to do so will depend on the tools you use to create your archive. zip archive using the compression method 'Deflate' instead of the 'LZMA' which you are currently using. Like So Re-Image and Update the Cisco FirePOWER Services Module The zip implementation within Firefox only supports uncompressed files or files compressed with the 'Deflate' algorithm. But then I tend to install new firewalls set them up and walk away, so its easier (and a LOT quicker) to simply image the module to the latest version and then set it up. Normally I don’t like upgrading the SFR this way.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |