Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1318
Views
0
Helpful
3
Replies

Enabling Mgmt intf from FXOS CLI when only console access is available?

cpaquet
Level 1
Level 1

‎09-29-2019 06:47 AM - edited ‎02-21-2020 09:32 AM

Mgmt interface is in 'shut enforce' mode

Client received FPR4100 over two months ago.  Rack-mounted it, went through setup mode and hasn't touched it since.  The only way I can access FPR4100 is via console port. I can't find how to enable mgmt interface, while looking at all those 'scope' options.  The enable password works; no need to do a password recovery.

 

1. what command do I need to type to issue the equivalent of 'no shut' on the management interface?

2. is the command issued from 'connect fxos' level?

 

I have attached 3 screen capture: sh run, sh inter mgmt0, sh ver.

Maybe my only option is to 'erase config'?

Any insight would be greatly 

Thanks.

Labels:
Preview file
149 KB
Preview file
10 KB
Preview file
100 KB
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-29-2019 05:39 PM

Does the following work?

 

firepower # scope eth-uplink

firepower /eth-uplink # scope fabric

firepower /eth-uplink #/fabric # scope interface Mgmt0

firepower /eth-uplink/fabric/interface # enable

firepower /eth-uplink/fabric/interface* # commit-buffer

firepower /eth-uplink/fabric/interface # show

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/CLI_Reference_Guide/b_FXOS_CLI_reference/b_CLI_reference_chapter_010.html#wp2429791788

0 Helpful

cpaquet
Level 1
Level 1
In response to Marvin Rhoads

‎09-30-2019 08:22 AM

Thanks Marvin for your quick reply.   I had tried those commands on Firday.  I tried then again this AM.
Unfortunately, the suggested commands don't work for mgmt interface.

NGFW-02#
NGFW-02# scope eth-uplink
NGFW-02 /eth-uplink # scope fabric
NGFW-02 /eth-uplink/fabric # scope interface
1-5 Slot ID
n/n Ethernet<Slot Id>/<Port Id>

NGFW-02 /eth-uplink/fabric # scope interface mgmt0
^
% Invalid Value at '^' marker, accepted value is: 1-5
NGFW-02 /eth-uplink/fabric #
NGFW-02 /eth-uplink/fabric # scope interface
1-5 Slot ID
n/n Ethernet<Slot Id>/<Port Id>

NGFW-02 /eth-uplink/fabric #


Since the FPR4100 is not in production yet, from the console port, I erases its config and went through the setup mode.
Yet again, the mgmt0 interface came up in Administratively Down.

NGFW-02(fxos)# show interface mgmt0
mgmt0 is down (Administratively down)
Hardware: GigabitEthernet, address: d478.9ba1.c99d (bia d478.9ba1.c99d)
<output omitted>

 

I guess that the only option left is to do a factory-reset from rommon?

0 Helpful

cpaquet
Level 1
Level 1
In response to cpaquet

‎09-30-2019 02:29 PM

We resetted FPR4100 and now can access the FCM with https.   

It doesn't answer my original question of 'what is the command to 'no-shut' mgmt 0 of the chassis of FPR4100

If anyone knows, one day, please let me know.

Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card