If your Cisco ASA is currently running FirePOWER Services as a separate module and you want to deploy Firepower Threat Defense (FTD), you must reimage your ASA with the unified FTD image. This blog discusses the steps required to reimage and troubleshoot any Cisco ASA 5500-X Series hardware.
To reimage ASA hardware with FTD, you need to use more than one type of image on the same hardware. This section describes the purposes of those images.
Figure 1 shows the subsets of a Firepower Threat Defense software image that you install or upgrade on the Cisco ASA 5500-X Series hardware platforms during the FTD reimaging process:
Figure 1 Subsets of a Firepower Threat Defense Software Image
- ROMMON software: The ROMMON software is the firmware of an ASA. In an ASA, you enter the ROMMON mode to perform all the necessary tasks to copy a boot image from an external server. If you are reimaging one of the low-end ASA hardware platforms, such as ASA 5506-X, 5506W-X, 5506H-X, 5508-X, or 5516-X, you must update the firmware to Release 1.1.8 or greater. If you are running one of the midrange ASA hardware platforms, such as 5512-X, 5515-X, 5525-X, 5545-X, or 5555-X, and want to reimage it to the FTD software, you do not need to update the default firmware.
- Boot image: The FTD boot image is a subset of the FTD system software. After you load your ASA with an FTD boot image, you can use the CLI of the boot image to prepare your ASA for downloading the FTD system software and beginning the setup.
- System software: All the features of FTD are packaged in a system software image. You begin the FTD system software installation from the CLI prompt of the boot image. This is the last step of a basic reimaging process.
Table 1 summarizes various types of software that you might have to install to complete the FTD reimaging process.
Table 1 Software Images Required to Complete an FTD Reimage
| ROMMON Software | Boot Image | System Software |
Purpose | To update the firmware of an ASA. | To load an ASA with the network config, download the system software, and begin setup. | To install the features of the FTD system. |
Low-end ASA (5506-X, 5508-X, 5516-X) | Firmware release 1.1.8 or greater is required. Use the | Use a | Use a |
Midrange ASA (5512-X, 5515-X, 5525-X, 5545-X, 5555-X) | Not necessary to update the default firmware version. | Use a |
