Reimage a Hardware Model of a Cisco Secure Firewall Management Center

Introduction

This document describes an example of a reimage procedure for the Secure Firewall Management Center (formerly Firepower Management Center). 

Prerequisites

Requirements

Cisco recommends knowledge of these topics:

• There are no specific requirements for this guide

Components Used

The information in this document is based on these software and hardware versions:

• Firewall Management Center (FMC) Version 6.7.0

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

Background Information

Specific requirements for this document include:

•  A console cable connected on the FMC
• An FTP Server with the installation package (.iso) already uploaded

This reimage procedure is supported on appliances:

• Firewall Management Center 1600
• Firewall Management Center 2600
• Firewall Management Center 4600

Before You Begin

1. A reimage procedure erases all previous configurations. To restore any configurations, generate a backup before you start this procedure.
2. Verify the model is compatible with this procedure.

Configure

Step 1. Reboot your FMC appliance:

A. To do this via GUI:

I. Log into the GUI of your Firewall Management Center.

II. Navigate to System > Configuration > Process.

III. Click Run Command for the Reboot Management Center.

GUI Reboot Example:

B. To do this via CLI:

I. Log into the CLI of the Firewall Management Center.

II. Enter to expert mode.

III. Elevate your privilege level to the root user mode.

IV. Execute the command reboot in order to restart the console

CLI Example:

Copyright 2004-2021, Cisco and/or its affiliates. All rights reserved. 
Cisco is a registered trademark of Cisco Systems, Inc. 
All other trademarks are property of their respective owners.

Cisco Firepower Extensible Operating System (FX-OS) v2.10.1 (build 175)
Cisco Firepower Management Center 2600 v6.7.0 (build 84)

> expert
admin@fmc_lab:~$ sudo su
Password: 
Last login: Tue Jan 24 01:08:10 UTC 2023 on pts/0
root@fmc_lab:/Volume/home/admin# reboot

Caution: Once you execute the reboot command, monitor the boot up process on the console because it is necessary to alter the boot mode.

Step 2. On the boot menu, type number 3 to select the System Restore Mode:

Note: The boot menu only allows a few seconds to choose the desired option. If you do not type your option quickly enough, the boot up process chooses the default action and a reboot is needed to get to this menu.

Step 3. On the menu, type number 2 to select Serial Mode as an output method for the system restore procedure in case it is not the default option:

Note: On this example the default option is Serial Mode however, if you see a different option type number 2 to choose it. If you do not type your option fast enough the boot up process continues with the default action and you need to reboot again to get to this menu.

Step 4. Click Enter to confirm the copyright notice.

Step 5.  On the Configuration Menu, select Option 1 to set the IP Configuration:

Note: You can move through the menu with the arrow keys and you can select an option with the Enter key. The mouse cannot be used on these menus.

Step 5.1. Choose the network interface that is able to reach the FTP server:

Note: When a menu displays multiple options, you can press the Spacebar to select an option and Enter to move to the next window.

Step 5.2. Select the version of IP you would like to configure:

Step 5.3. Select the method of IP configuration you would like to use:

Step 5.4. Enter the IP address for the system:

Step 5.5 Enter the subnet mask that belongs to your IP address:

Step 5.6 Enter the default gateway IP to be used:

Step 5.7 Validate that the network settings are correct:

Note: In case you made a mistake on any parameter, repeat the same steps to edit the wrong setting.

Step 6. On the Configuration Menu, select Option 2 to set the transport protocol (remote storage server):

Step 6.1  Select a transport protocol:

Note: In this example, we use an FTP server as a transport protocol

Step 6.2 Enter the remote storage IP:

Step 6.3 Select the type of user for your remote storage:

Step 6.4 If the user is not anonymous, enter the username for the remote storage server.

Step 6.5 Enter the password for the remote storage.

Step 6.6 Select the ISO package you plan to use for the reimage.

Step 6.7 Validate that the configuration looks correct:

Step 7 On the Configuration Menu, select Option 4 to Download ISO:

Note: The download begins automatically and, once it finishes, it takes you again to the Configuration Menu

Step 8 On the Configuration Menu, select Option 5 to Run the Install of the downloaded package:

Step 8.1 On the warning screen, press Enter to confirm the re-partition of the disk:

Step 8.2 After the re-partition finishes, press Enter to proceed with the restart of the system

Step 8.3 Press Enter on the pop-up window to confirm the reboot

Note: After the reboot of the system, System Recovery Mode loads automatically as there is no operating system installed on the appliance. Previous configurations on System Recovery Mode Menu are saved. To finish the process, it is necessary to download the installation package again and Run the installation to complete the Reimage Procedure.

Step 9 On the configuration menu, select option 4 and re-download the installation package

Step 10 Once you are back on the Configuration Menu, select option 5 to run the installation package

Step 10.1 On the warning screen, press Enter to confirm the re-partition of the disk

Step 10.2 To confirm the Restore of the system and deletion of license and network settings type 'yes' and press Enter on each prompt

Step 10.3 One final warning is displayed, type 'yes' and press Enter to proceed

Note: The installation begins and it takes around 20 minutes to finish. The next picture is an example of the expected console output while installation is running.

Step 10.3 Press Enter on the pop-up window to confirm the reboot

Note: The boot process of a reimaged FMC can take up to 30 minutes because it loads the operative system for the first time. Once the FMC loads up the login screen the reimage process is completed and you can proceed with the initial configuration.

Example of login screen after FMC Reimage

Caution: Default credentials for a freshly installed FMC are: admin/Admin123