ftd_install
Installs FTD pkg image on the firewall
Description
Provisioning module for FTD devices that installs ROMMON image (if needed) and FTD pkg image on the firewall. Can be used with httpapi and local connection types. The httpapi is preferred, the local connection should be used only when the device cannot be accessed via REST API.
Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
| device_hostname | True | string | Hostname of the device as appears in the prompt (e.g., 'firepower-5516'). |
| device_username | False | string | Username to login on the device. Defaulted to 'admin' if not specified. |
| device_password | True | string | Password to login on the device. |
| device_sudo_password | False | string | Root password for the device. If not specified, device_password is used. |
| device_new_password | False | string | New device password to set after image installation. If not specified, current password from device_password property is reused. Not applicable for ASA5500-X series devices. |
| device_ip | False | string | Device IP address of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. |
| device_gateway | False | string | Device gateway of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. |
| device_netmask | False | string | Device netmask of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. |
| device_model | False | string | Platform model of the device (e.g., 'Cisco ASA5506-X Threat Defense'). If not specified and connection is 'httpapi`, the module tries to fetch the device model via REST API. For 'local' connection type, this parameter is mandatory. |
| dns_server | False | string | DNS IP address of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. |
| console_ip | True | string | IP address of a terminal server. Used to set up an SSH connection with device's console port through the terminal server. |
| console_port | True | string | Device's port on a terminal server. |
| console_username | True | string | Username to login on a terminal server. |
| console_password | True | string | Password to login on a terminal server. |
| rommon_file_location | True | string | Path to the boot (ROMMON) image on TFTP server. Only TFTP is supported. |
| image_file_location | True | string | Path to the FTD pkg image on the server to be downloaded. FTP, SCP, SFTP, TFTP, or HTTP protocols are usually supported, but may depend on the device model. |
| image_version | True | string | Version of FTD image to be installed. Helps to compare target and current FTD versions to prevent unnecessary reinstalls. |
| force_install | False | boolean | Forces the FTD image to be installed even when the same version is already installed on the firewall. By default, the module stops execution when the target version is installed in the device. |
| search_domains | False | string | Search domains delimited by comma. Defaulted to 'cisco.com' if not specified. |
Return Values
| Value | Returned | Type | Description |
|---|---|---|---|
| msg | always | string | The message saying whether the image was installed or explaining why the installation failed. |
Examples
- name: Install image v6.3.0 on FTD 5516
ftd_install:
device_hostname: firepower
device_password: pass
device_ip: 192.168.0.1
device_netmask: 255.255.255.0
device_gateway: 192.168.0.254
dns_server: 8.8.8.8
console_ip: 10.89.0.0
console_port: 2004
console_username: console_user
console_password: console_pass
rommon_file_location: 'tftp://10.89.0.11/installers/ftd-boot-9.10.1.3.lfbff'
image_file_location: 'https://10.89.0.11/installers/ftd-6.3.0-83.pkg'
image_version: 6.3.0-83