Unlike upgrade, the systemĭoes not do this for you. (HA) and scalability deployments, you should plan an uninstall order that minimizes disruption.
You uninstall patches from Firepower appliances individually, even those that you upgraded as a unit. Uninstall Order for HA/Scalability Deployments If you cannot use the web interface, you can use the Linux shell as either theĪdmin user for the shell, or as an external user with shell access. We recommend you use the FMC web interface to uninstall FMC patches. Time see Uninstall Order for HA/Scalability Deployments. As with upgrade, you must uninstall from high availability FMCs one at a Uninstall patches from FMCs after you uninstall from their managed devices. Contact Cisco TAC to reverse the device lockdown. If you disabled shell access, you cannot uninstallĭevice patches. You must have access to the device shell as the admin user for the device, or as another local user with CLI configuration access.
#STEP 7 5.6 UPDATES PATCH#
You cannot use an FMC user account to log into and uninstall the patch from one of its managed devices.
#STEP 7 5.6 UPDATES SERIES#
You cannot use an FMC, ASDM, or FDM to uninstall a patch from a device, nor can you use the local web interface on a 7000/8000 series device. Uninstall order that minimizes disruption, see Uninstall Order for HA/Scalability Deployments. Or failover ASA with FirePOWER Services devices. (HA) Firepower devices, or from clustered You cannot batch-uninstall patches from clustered, stacked, or high availability This means that you uninstall from devicesīoth individually and locally. To uninstall a device patch, you must use the Linux shell, also called expert mode. That in FMC deployments, uninstall patches from managed devices first. The FMC must run the same or newer version as its managed devices. Guidelines for Uninstalling Patches Uninstall from Devices First, Using the Shell Uninstall Support for Version 6.2.3 Patches Find yourĬurrent version in the left column, then read across to see how far back you can This table lists supported uninstall scenarios for Version 6.2.3 patches. If uninstall will cause one of these issues, we recommend you reimage and then Patched with security certifications compliance enabled (CC/UCAPL mode).Ĭompliance is enabled and the FSIC fails, Firepower softwareĭoes not start, remote SSH access is disabled, and you canĪccess the appliance only via local console. Incompatibilities between the operating systemįSIC (file system integrity check) failure when the appliance reboots, if you Inability to deploy configuration changes after uninstall. Uninstalling specific patches can cause issues on Firepower appliances, Uninstall Order for HA/Scalability Deployments.Uninstall is not supported in FDM deployments. In FMC and ASDM deployments, you can uninstall most patches.