In this article, we will take a look at how to reimage the Cisco 5500-X series firewalls to Firepower Threat Defense (FTD). This article assumes that the reader is already familiar with ASA’s and Firepower, however, I will list some prerequisites below.
- Access to software.cisco.com to download the required images
- Console access and access to a TFTP & HTTP server (These are required to transfer the image files to your device)
- Most recent backup of device configurations (During the reimage the device configuration is wiped)
- Ensure the device has a Solid State Drive (SSD) installed the following command will help you determine whether you do or not
- 3 GB or more of free space, typically 3.01 is sufficient to allow space for the boot image. Use the following command to determine the current space on you 5500-X series appliance
- If re-imaging a lower end ASA such as the 5506-X, 5508-X or 5516-X the default firmware needs to upgraded to 1.1.8 or greater. All mid-range ASA’s such as the 5512-X, 5515-X etc don’t need a firmware upgrade. Use the following command to check the firmware version
NOTE: Please ensure before proceeding with the re-image of your device that you have permission to do so and that you’ve read the relevant Cisco documentation. It is also recommended that you have a maintenance window if performing the reimage on equipment that is within a live environment.
This demonstration is based on the re-image of a 5506-X ASA. Below are the versions of software used for this particular device in this demonstration.
- Firmware: 1.1.14
- Boot Image: 22.214.171.124
- FTD Software: 6.2.3
- PC to ASA has IP connectivity via the ASA’s MGMT Interface
- PC to ASA has a console connection to the ASA