@ghostinthenet @ruhrscholz yeah. Here is how to install it from FXOS (and I confess I’ve done it in ancient times once or twice or so or when getting a box without the ASA image and having to migrate) but not in the last… 4? 5? 6? years https://wannabecybersecurity.blogspot.com/2021/03/cisco-firepower-1010-reimage-ftd-to-asa.html the boot sequence logs also look correct

@ghostinthenet @ruhrscholz the ASA image on 1010 works so that the boot loader loads FXOS on boot, it initializes the hardware and whatnot, then it starts the ASA image as a separate process and the interfaces and control are handed over

@ghostinthenet @ruhrscholz they come from factory with ASA image with SKU FPR1010-ASA-K9

@ghostinthenet @ruhrscholz my European firepowers must have missed this memo completely…I have plenty to go around and they’re completely happy ;)

@ghostinthenet @ruhrscholz the 1010 should always be in appliance mode, some of the bigger brothers can be configured to live in platform mode and then they work slightly differently. Anyway, stand-alone upgrade instructions are here https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/asa-appliance-asav.html it’s really easy peasy.

@ghostinthenet @ruhrscholz you can upgrade from within the ASA image, I don’t think I’ve ever had to install from FXOS and I’ve used firepower since it shipped… I have a recollection the one had to do something weird in the very first version but since then nothing special

@ghostinthenet @ruhrscholz I’ve stayed away from FTD/FMC. On 1010, yes, it’s possible to go to FXOS but unless you’re troubleshooting something very deeply you’re never going to be there.

@ghostinthenet @ruhrscholz they’re drunk. Upgrade specifically on 1010 is “copy to flash”, “boot system …”, wr, relo

@ghostinthenet @ruhrscholz I’m happy with physical boxes ;) the1010 is priced very economically

@ghostinthenet @ruhrscholz ASA (Well, firepower with ASA image) does all that with AnyConnect for remote access. Config once, runs forever. Been my go to solution for years. I did like IVE (Juniper MAG, nowadays PulseSecure, …) but their pricing is so skewed