Reddit Feeds

Sign up and stay connected to your favorite communities.

sign uplog in
4

Upgrading Cisco Firepower to 6.2.3

Edit: Sorry, should say Firepower Management Center.

So at that top of the download page it says "If you have not already upgraded to the 6.2.3 release, please use the 6.2.3-84 upgrade package for Firepower Management Centers". It also says do not use 6.2.3-83 due to bug CSCvi7752, "upgrade to 6.2.3 fails with post install database integrity check error".

I'm running FMC on VMWare for which only 6.2.3-83 is listed as available for download. Is anyone running this version? Do I need to avoid it?

Separately but somewhat related, the release notes say:

"New features in Version 6.2.3 involve sharing data with Cisco. Web analytics tracking sends non-personally-identifiable usage data to Cisco, including but not limited to pages viewed, the time spent on a page, browser versions, product versions, user location, and management IP addresses or hostnames of your Firepower Management Centers.

You cannot opt out of web analytics participation during the upgrade process. You can either disable web analytics after the upgrade or not install the upgrade".

That seems kind of wacky to me. I expect that kind of thing with a phone app, not commercial-grade software that costs lots of money.

11 comments
65% Upvoted
What are your thoughts? Log in or Sign uplog insign up

The 6.2.3-83 VMWare image is the full image. The 6.2.3-84 is the "upgrade". If you just install 83 from scratch it doesn't seem the bug applies hence why the BU didn't reissue the full image.

Just my quick read on it. I didn't dig into the case history.

This was my take on it as well, when I saw the .84 drop a day after .83

Original Poster1 point·4 days ago

Ah ok, that makes sense. Thanks.

Original Poster1 point·4 days ago

Well I tried the .84 file and it rejected it saying it's not a valid update file. Same with .83. I'm bored with it now, I'll fiddle with it on Monday.

When you say available for download, are you talking about within FMC or on Cisco's support site? The .84 .sh package is definitely available on the latter, you don't need to use the .tar.gz file (which I see only lists .83).

Original Poster1 point·4 days ago·edited 4 days ago

Edit, never mind, I get it now.

I mean on Cisco's support site. I'm looking at this page: https://software.cisco.com/download/home/286259687/type/286271056/release/6.2.3

My assumption is that I need the VMWare version which is still .83. Maybe I'm reading it wrong.

If you're upgrading through the gui, all you need is the .84 .sh file (which should be the first one on that page). I know that works because I just upgraded from 6.1 to 6.2.3.1 over the course of the last few weeks.

You'll download it, then upload in the GUI on the Updates page.

I just did it earlier this week and it went without issue - I installed Sourcefire_3D_Defense_Center_S3_Upgrade-6.2.3-84.sh from the CCO. Then patched to -85 or 6.2.3.1

Goddamnit... Cisco's naming convention continues to elude me. We have to upgrade our FMC and modules sometime soon as well, not looking forward to decrypting the names of the downloads we need to find.

I think I'm on -70? Not sure. Can check tomorrow. Going to 6.2.3.1 soon tho.

A+/N+/S+/CCNA1 point·5 days ago

i updated 6.2.2.2 to 6.2.3.84, i had to download from cisco and yes i also seen to NOT use 6.2.3.83 for fmc. so download .84 then upload into updates area, then install it.

make sure you have cli access because this is a 45min update and eventually the gui webpage will timeout and will not be able to login untill all done, i kept a constant ping to the fmc mgmt ip.

then debate on patching to 6.2.3.84-1 like me, next is getting my ftd's updating to 6.2.3.83.

Community Details

117k

Subscribers

511

Online

###Enterprise Networking Routers, switches and firewalls. Network blogs, news and network management articles. Cisco, Juniper, Brocade and more all welcome.

Create Post

r/networking Rules

1.
Rule #1: No Home Networking.
2.
Rule #2: No Certification Brain Dumps / Cheating.
3.
Rule #3: No BlogSpam / Traffic re-direction.
4.
Rule #4: No Low Quality Posts.
5.
Rule #5: No Early Career Advice.
6.
Rule #6: Educational Questions must show effort.
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.