Thursday, January 11, 2018

Firepower IOS Remove

Step 3  At the console port, log in to FXOS as admin, and reformat the system.
connect local-mgmt
format everything
firepower-2110# connect local-mgmt 
firepower-2110(local-mgmt)# format everything
All configuration and bootable images will be lost.
Do you still want to format? (yes/no):yes

Enter yes, and the Firepower 2100 reboots.
Step 4  Press Esc during the bootup when prompted to reach the ROMMON prompt. Pay close attention to the monitor. 

Example:
*******************************************************************************
Cisco System ROMMON, Version 1.0.03, RELEASE SOFTWARE
Copyright (c) 1994-2017  by Cisco Systems, Inc.
Compiled Thu 04/06/2017 12:16:16.21 by builder
*******************************************************************************

Current image running: Boot ROM0
Last reset cause: ResetRequest
DIMM_1/1 : Present
DIMM_2/1 : Present

Platform FPR-2130 with 32768 MBytes of main memory
BIOS has been successfully locked !!
MAC Address: 0c:75:bd:08:c9:80

Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.

Press Esc at this point. If you miss the interrupt prompt, the Firepower 2100 attempts to reboot 3 times; because there is no image on the device, only ROMMON is available.
Step 5  Set the network settings for Management 1/1, and load FXOS (part of the Firepower Threat Defense package) using the following ROMMON commands.
address management_ip_address
server tftp_ip_address
gateway gateway_ip_address
file path/filename
set
sync
tftp -b
The FXOS image downloads and boots up to the CLI.
See the following information:
  • gateway—Set the gateway address to be the same as the server IP address if they’re on the same network.
  • set—Shows the network settings. You can also use the ping command to verify connectivity to the server.
  • sync—Saves the network settings.
  • tftp -b—Loads FXOS.


Example:
rommon 1> address 10.86.118.4
rommon 2> server 10.86.118.21
rommon 3> gateway 10.86.118.21
rommon 4> file cisco-ftd-fp2k.6.2.2.SPA
rommon 5> set
ROMMON Variable Settings:
  ADDRESS=10.86.118.4
  NETMASK=255.255.255.0
  GATEWAY=10.86.118.21
  SERVER=10.86.118.21
  IMAGE=cisco-ftd-fp2k.6.2.2.SPA
  CONFIG=
  PS1="rommon ! > "

rommon 6> sync
rommon #9> tftp -b
Enable boot bundle: tftp_reqsize = 268435456

             ADDRESS: 10.86.118.4
             NETMASK: 255.255.255.0
             GATEWAY: 10.86.118.21
              SERVER: 10.86.118.21
               IMAGE: cisco-asa-fp2k.9.8.2.SPA
             MACADDR: d4:2c:44:0c:26:00
           VERBOSITY: Progress
               RETRY: 40
          PKTTIMEOUT: 7200
             BLKSIZE: 1460
            CHECKSUM: Yes
                PORT: GbE/1
             PHYMODE: Auto Detect

link up
Receiving cisco-ftd-fp2k.6.2.2.SPA from 10.86.118.21!!!!!!!!
[…]

Step 6  Log in to FXOS using the default username: admin and password: Admin123.
After the device boots up into FXOS, the Management IP address that you set in ROMMON is erased and set to the default: 192.168.45.45. You will need to set the correct IP address and other related settings for your network in FXOS before you can download the Firepower Threat Defense package from the server.
Step 7  Disable the DHCP server.
scope system
scope services
disable dhcp-server
commit-buffer
Before you can change the management IP address, you must disable the DHCP server.


Example:
firepower-2110# scope system
firepower-2110 /system # scope services
firepower-2110 /system/services # disable dhcp-server
firepower-2110 /system/services* # commit-buffer

Step 8  Configure an IPv4 management IP address, and optionally the gateway.
scope fabric-interconnect a
set out-of-band static ip ip_address netmask network_mask gw gateway_ip_address
commit-buffer
To keep the currently-set gateway (by default 0.0.0.0, which represents the Firepower Threat Defense data interfaces), omit the gw keyword. If your download server is not on the local Management 1/1 network, then change the gateway IP address; the Firepower Threat Defense data interfaces do not exist yet, so you cannot reach any remote servers with the default setting.


Example:
firepower-2110# scope fabric-interconnect a
firepower-2110 /fabric-interconnect #
firepower-2100 /fabric-interconnect # set out-of-band ip 10.86.118.4 netmask 255.255.255.0 
Warning: When committed, this change may disconnect the current CLI session
firepower-2100 /fabric-interconnect* # commit-buffer
firepower-2100 /fabric-interconnect #

Step 9  Download and boot the Firepower Threat Defense package.
  1. Download the package.
    scope firmware
    download image url
    show download-task
    You can download the package from the same TFTP server you used earlier, or another server reachable on Management 1/1.


    Example:
    firepower-2110# scope firmware
    firepower-2110 /firmware # download image tftp://10.86.118.21/cisco-ftd-fp2k.6.2.2.SPA
    Please use the command 'show download-task' or 'show download-task detail' to check download progress.
    firepower-2110 /firmware # show download-task
    Download task:
        File Name Protocol Server          Port       Userid          State
        --------- -------- --------------- ---------- --------------- -----
        cisco-ftd-fp2k.6.2.2.SPA
                  Tftp     10.88.29.21             0                 Downloaded
    
    
  2. When the package finishes downloading (Downloaded state), boot the package.
    show package
    scope auto-install
    install security-pack version version
    In the show package output, copy the Package-Vers value for the security-pack version number. The chassis installs the Firepower Threat Defense image and reboots.


    Example:
    firepower 2110 /firmware # show package
    Name                                          Package-Vers
    --------------------------------------------- ------------
    cisco-ftd-fp2k.6.2.2.SPA                      6.2.2
    firepower 2110 /firmware # scope auto-install
    firepower 2110 /firmware/auto-install # install security-pack version 6.2.2
    The system is currently installed with security software package not set, which has:
       - The platform version: not set
    If you proceed with the upgrade 6.2.2, it will do the following:
       - upgrade to the new platform version 2.2.2.52
       - install with CSP ftd version 6.2.2
    During the upgrade, the system will be reboot
    
    Do you want to proceed ? (yes/no):yes
    
    This operation upgrades firmware and software on Security Platform Components
    Here is the checklist of things that are recommended before starting Auto-Install
    (1) Review current critical/major faults
    (2) Initiate a configuration backup
    
    Attention:
       If you proceed the system will be re-imaged. All existing configuration will be lost,
       and the default configuration applied.
    Do you want to proceed? (yes/no):yes
    
    Triggered the install of software package version 6.2.2
    Install started. This will take several minutes.
    For monitoring the upgrade progress, please enter 'show' or 'show detail' command.
    
    
Step 10  Wait for the chassis to finish rebooting (5-10 minutes), and log in to FXOS using the default username: admin and password: Admin123.
Although FXOS is up, you still need to wait for the Firepower Threat Defense to come up (30 minutes). Wait until you see the following messages:
[…]
User enable_1 logged in to firepower
Logins over the last 1 days: 1.
Failed logins since the last login: 0.
Type help or '?' for a list of available commands.
firepower> Aug 26 01:31:48 firepower port-manager: Alert: Ethernet1/2 link changed to DOWN
Aug 26 01:31:48 firepower port-manager: Alert: Ethernet1/1 link changed to DOWN

firepower#        

After the rest of the Firepower Threat Defense startup messages show, you can return to the FXOS prompt.
Step 11  Connect to the Firepower Threat Defense CLI.
connect ftd
Step 12  You are prompted to accept the EULA; press Enter, and then the Space bar at the More prompt until you see:
Please enter 'YES' or press <ENTER> to AGREE to the EULA:
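
Added example (not part of the original post or of Cisco's documentation): a Python gate for Step 9 that parses the show download-task and show package output and returns the install security-pack command only when the image is in the Downloaded state and came from the expected server. The function names are hypothetical; the sample text is the page's own output, in which the Server column reads 10.88.29.21 rather than the 10.86.118.21 used in the download URL, so a check against the latter fails.

```python
import re
# Output copied from the Step 9 examples above, with the CLI prompts removed.
DOWNLOAD_TASK = """\
    File Name Protocol Server          Port       Userid          State
    --------- -------- --------------- ---------- --------------- -----
    cisco-ftd-fp2k.6.2.2.SPA
              Tftp     10.88.29.21             0                 Downloaded
"""
SHOW_PACKAGE = """\
Name                                          Package-Vers
--------------------------------------------- ------------
cisco-ftd-fp2k.6.2.2.SPA                      6.2.2
"""
def _rows(text):
    """Yield the split data rows that follow the dashed header rule."""
    seen_rule = False
    for line in text.splitlines():
        if re.fullmatch(r"\s*-+(\s+-+)+\s*", line):
            seen_rule = True
        elif seen_rule and line.strip():
            yield line.split()

def parse_download_tasks(text):
    """Return {file name: task}; a long file name wraps onto its own line."""
    tasks, pending = {}, None
    for tok in _rows(text):
        if len(tok) == 1:  # wrapped row: the file name stands alone
            pending = tok[0]
            continue
        name, pending = pending or tok.pop(0), None
        # Userid is blank for TFTP, so take State from the end of the row.
        tasks[name] = {"protocol": tok[0], "server": tok[1], "state": tok[-1]}
    return tasks

def parse_packages(text):
    """Return {package name: Package-Vers} from 'show package' output."""
    return {tok[0]: tok[1] for tok in _rows(text) if len(tok) == 2}

def install_command(task_out, pkg_out, image, server):
    """Return the install command, or raise if the download is unconfirmed."""
    task = parse_download_tasks(task_out).get(image)
    if task is None or task["state"] != "Downloaded":
        raise ValueError(f"{image}: download not complete")
    if task["server"] != server:
        raise ValueError(f"{image}: came from {task['server']}, not {server}")
    version = parse_packages(pkg_out).get(image)
    if version is None:
        raise ValueError(f"{image}: not listed by 'show package'")
    return f"install security-pack version {version}"
```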
