400-618-8070

10alt" />
新闻资讯
News
企业新闻
FirePower 9K防火墙通过FXOS CLI升级ASA Version-乾颐堂李冰
发布时间:2017-09-12   浏览次数:   分享:

FirePower 9K防火墙通过FXOS CLI升级ASA Version

 本文由乾颐堂CCIE培训讲师李冰提供

上传ASA镜像到FXOS机箱

进入安全服务模式:

9K-FTD# scope ssa

9K-FTD / ssa #

 

查看FXOS机箱中的镜像:

9K-FTD / ssa # show app


进入APP应用模式:

9K-FTD / ssa # scope app-software

9K-FTD / ssa /app-software #

 

下载镜像:

9K-FTD /ssa /app-software # download image tftp://150.1.7.200/cisco-asa.9.6.3.1.SPA.csp

 

查看下载:

9K-FTD /ssa /app-software # show download-task

Downloads for Application Software:

File Name                              State                 Protocol     Server          Port

------------------------------ ---------- -------------------- ----------------------------

cisco-asa.9.6.3.1.SPA.csp             Downloaded            Tftp        150.1.7.200      0

 

再查看机箱中的镜像:

9K-FTD /ssa/app-software # show app

升级ASA Version:

9K-FTD / ssa # scope slot 1

9K-FTD / ssa /slot # scope app-interface asa

9K-FTD / ssa /slot/app-instance # set startup-version 9.6.3.1

9K-FTD / ssa /slot/app-instance* #

9K-FTD / ssa /slot/app-instance* # show configuration pending

  Enter app-instance asa

+   set startup-version 9.6.3.1

Exit

9K-FTD / ssa /slot/app-instance* # commit-buffer (提交后重启SM)

9K-FTD / ssa /slot/app-instance#

...............................................................

...............................................................

9K-FTD# connect module 1 console

Firepower-module1>connect asa

Connecting to asa console... hit Ctrl + A + D to return to bootCLI

(c) (1) (ii) of the Rights in Technical Data and Computer

Cisco Systems, Inc.

170 West Tasman Drive

San Jose, California 95134-1706

Reading from flash...

!!!

Configuration Compatibility Warning:

The version 9.7(1)4 configuration may contain syntax that is

not backward compatible with the 9.6(3)1 image that is loaded.

*** Output from config line 8, "ASA Version 9.7(1)4 "

..... MIO module heartbeat failure detected

failover can not be enabled.

*** Output from config line 241, "failover"

timeout igp stale-route 0:01:10

*** Output from config line 272, "timeout igp stale-route ..."

..

Cryptochecksum (unchanged): c1bb600e ad7558a1 32ae3bc4 b80c5ac7

INFO: Power-On Self-Test in process.

.......................

INFO: Power-On Self-Test complete.

INFO: Starting HW-DRBG health test (DRBG 0)...

INFO: HW-DRBG health test (DRBG 0) passed.

INFO: Starting HW-DRBG health test (DRBG 1)...

INFO: HW-DRBG health test (DRBG 1) passed.

INFO: Starting SW-DRBG health test...

INFO: SW-DRBG health test passed.

#######################################################################

 

ASA-FTD # show version

Cisco Adaptive Security Appliance Software Version 9.6(3)1

Device Manager Version 7.6(2)

Compiled on Thu 30-Aug-17 22:07 PDT by builders

System image file is "disk0:/fxos-lfbff-k8.2.1.1.74.SPA"

Config file at boot was "startup-config"

ASA-FTD up 3 mins 16 secs

SSP Slot Number: 1

Hardware: FPR9K-SM-36, 233041 MB RAM, CPU Xeon E5 series 2294 MHz, 2 CPUs (72 cores)

Encryption hardware device : Cisco FP Crypto on-board accelerator (revision 0x1)

Boot microcode : CN35x-MC-Boot-0001

SSL/IKE microcode : CNN35x-MC-SSL-0014

IPSec microcode : CNN35x-MC-IPSEC-0005

Number of accelerators: 2

4099: Int: Internal-Data0/0     : address is 0015.a500.00bf, irq 11

4101: Int: Internal-Data0/1     : address is 0015.a500.011f, irq 5

4102: Int: Internal-Data0/2     : address is 0000.0001.0003, irq 0

 

Licensed features for this platform:

 

Maximum Physical Interfaces                   : Unlimited

Maximum VLANs                                  : 1024

Inside Hosts                                   : Unlimited

Failover                                       : Active/Active

Encryption-DES                                : Enabled

Encryption-3DES-AES                           : Disabled

Security Contexts                             : 10

Carrier                                        : Disabled

AnyConnect Premium Peers                      : 20000

AnyConnect Essentials                         : Disabled

Other VPN Peers                               : 20000

Total VPN Peers                               : 20000

AnyConnect for Mobile                         : Enabled

AnyConnect for Cisco VPN Phone               : Enabled

Advanced Endpoint Assessment                 : Enabled

Shared License                                 : Disabled

Total TLS Proxy Sessions                      : 15000

Botnet Traffic Filter                         : Enabled

Cluster                                       : Enabled

 

FirePower 9K防火墙通过FXOS CLI升级ASA Version

本文由乾颐堂CCIE培训讲师李冰提供

乾颐堂客服热线:400-618-8070

乾颐堂官网:www.qytang.com

乾颐堂网络实验室 我们为您想的更多

 ©2013-2014  乾颐堂网络工程师培训  版权所有  京ICP备14044984号-2 

 中国权威 Cisco (思科) CCNA CCNP CCIE 认证培训 企业定制培训

 咨询报名电话:400-618-8070   

CCNA论坛