One of the customers is planning to upgrade their firewalls, from 8.2.1P03 to 8.2.1P07, they own a firewall cluster, (s4016 in HA)
As newbie in MFE, I would like to know if somebody can help me.
If we apply the patch from 8.2.1P03 to 8.2.1.P07, and for some reason the customer needs to go back to 8.2.1P03 from 8.2.1P07. What should I need to do?
I understand that 8.2.1P07 is uninstallable, so in order for going back from 8.2.1P07 to 8.2.1P03 is it as simple as uninstall the installed patch 8.2.1P07 and reboot? and the firewall comes up with the previous installed version and Patch?
If customer is running 8.2.1P07 and wants to install version 8.3, once it is installed the 8.3 version what is the procedure from going back from 8.3 to 8.2.1P07. Is it as simple as uninstall the version 8.3 from the admin console and reboot and the firewall comes up whith the previos version installed?
You can not uninstall a pacth that is flagged as "uninstallable".
If you want to get rid of one of those you have to either restore a full backup or reimage the firewall and restore a configuration backup.
Thank you, Let's say that 8.2.1P07 is flagged as "Uninstallable = Yes" (not sure by now). The previos version installed on the MFW was 8.2.1P03 (obsolete)
If I uninstall this package 8.2.1P07, and then reboot,does the MFE comes up with the lastest software & pacth installed? (in this case is 8.2.1P03).
The firewall has two 'slices' (Systems), two separate instances of the firewall OS. When the firewall boots, it defaults to the Operational System and runs there. When the firewall installs a patch, it installs the patch to the Alternate System, in the background. If the installation fails there, the firewall does not reboot. If the patch installation is successful, the firewall will reboot and boot to the Alternate System (which has the new patch on it). This now becomes the Operational System.
In your case it would be like this:
This is the Rollback feature in the GUI in the Software Management section or 'cf package rollback' on the command-line.