Edmund. It depends on the code that was used for the re-image. Anything up to ASA 9.13(1) is platform mode by default. Everything after that is appliance mode by default.

@@NathanStapp Hi Nate, Thanks a lot for the response…. Not exact sure about the differences between Platform vs Appliance mode? Does it mean in Appliance mode, it would act just like an ASA appliance after the re-imaged without having to worry that it might go into FXOS once reloaded? We want the FPR to be exactly like a ASA appliance… Cheers….

Juan, I apologize for missing this earlier. The way you upgrade depends on if you are running in Appliance Mode (default for ASA 9.14+) or Platform Mode (default for ASA prior to 9.14). for Platform Mode, it is similar to the upgrade method for the 4100's, you upload an image through Firepower Chassis Manager (FCM) - web gui for FXOS, and then click upgrade. For Appliance mode it is similar to the traditional ASA upgrade method, you download an image via FTP on CLI, and change the boot pointer.

Yes, you can covert 1140 to ASA. Please see below link for reference. www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asamatrx.html#reference_upj_nkl_x4b

Hey chanpreet! Thanks for responding. And Moti, as he said, yes!

Hello Eric! There are a few reasons. By far the most common reason I have run into is... Its a familiar firewall! So while Firepower offers the benefit in the future of allowing deep packet inspection (NGFW) and a myriad of other benefits they can "dip their toes" so to speak by getting the hardware, and switch over later. They also generally have much better performance for the cost especially with the new 1000 series Firepower versus ASA low end series. This is just the nature of technology progressing and allowing new products with similar price points but higher performance.

True!! but instead will have firepower logically running ASA but i like the video though

Yes in this case, the process is essentially identical, although it wouldn't hurt to post a video tutorial since I have a few sitting around....

Hello Omar! I don't quite understand your comment but will briefly go over what happened in the video. The FPR 2100 starts with FTD (this means FTD running on FXOS - the pseudo hypervisor). I then re-imaged the box to ASA (which on the FPR 2100 means ASA running on FXOS). Both platforms still involve running FXOS it is just abstracted so most dont realize it is there. On the newer code bases you can run in what is called "appliance” mode which truly hides FXOS entirely so it would look and feel like the old ASA.

@@NathanStapp Hi Nathan, I just upgrade FPR2110 to a newer version and it changes the fxos mode to appliance. Will it be fine to boot the old image in asa and revert back to the old version using platform mode.

@@richlee2164 If you actually UPGRADE the box, then the mode will be maintained. If it started in platform it will stay platform. If you re-image, then on 9.13 and above it will be appliance mode by default. On the 1000 and 2000 appliances the ASA code is packaged together with FXOS (unified code), this means if you "downgrade" the ASA code that means you will downgrade the FXOS as well. Now to answer your question, you can change the box so that is boots the old version and it will work just fine. However, I would question why you want to use platform mode. It adds additional "work" to configuration like enabling interfaces just to use and "no shut" them in ASA. Appliance mode is better in every respect.

Ushan, yes the running and startup configuration "get erased". I say that with quotes because the way you configure and managed FTD is completely different than ASA. There is no directly transferable version of the configuration. It would be more appropriate to say that the configuration is not compatible so cannot possibly be migrated.

@@NathanStapp Ok, that means we cannot use it in production environment.

Ushan, what are you trying to do specifically? we can discuss here or you can ask me directly nstapp@cisco.com