In this article, we will take a look at how to reimage the Cisco 5500-X series firewalls to Firepower Threat Defense (FTD). This article assumes that the reader is already familiar with ASA’s and Firepower, however, I will list some prerequisites below.
Access to software.cisco.com to download the required images
Console access and access to a TFTP & HTTP server (These are required to transfer the image files to your device)
Most recent backup of device configurations (During the reimage the device configuration is wiped)
Ensure the device has a Solid State Drive (SSD) installed the following command will help you determine whether you do or not
3 GB or more of free space, typically 3.01 is sufficient to allow space for the boot image. Use the following command to determine the current space on you 5500-X series appliance
If re-imaging a lower end ASA such as the 5506-X, 5508-X or 5516-X the default firmware needs to upgraded to 1.1.8 or greater. All mid-range ASA’s such as the 5512-X, 5515-X etc don’t need a firmware upgrade. Use the following command to check the firmware version
NOTE: Please ensure before proceeding with the re-image of your device that you have permission to do so and that you’ve read the relevant Cisco documentation. It is also recommended that you have a maintenance window if performing the reimage on equipment that is within a live environment.
This demonstration is based on the re-image of a 5506-X ASA. Below are the versions of software used for this particular device in this demonstration.
Boot Image: 220.127.116.11
FTD Software: 6.2.3
Topology for illustration purposes only
PC to ASA has IP connectivity via the ASA’s MGMT Interface
PC to ASA has a console connection to the ASA