08-06-2019 08:34 AM - edited 02-21-2020 09:22 AM
Hi,
I have built an FTD 750 but not added it to the FMC Manager yet. I only did the interfaces and the routing table. I still have the default mgt interface of 192.168.45.45. But now I can't log back into it on the webpage. I am getting these errors:
https://192.168.45.45/login.cgi
Forbidden- You don't have permission to access /login.cgi on this server.
Service Unavailable- The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
I can log in via ssh but it goes straight to the # prompt.
Why is there no > shell prompt?
Any ideas are welcome
firepower#
08-06-2019 07:44 PM
I'm not familiar with the model "FTD 750". Can you confirm what hardware you're working with?
When you say you've "built (it)", what steps did you take?
08-07-2019 02:49 AM
Hi
It's Cisco Fire Linux OS v6.2.2 (build 11)
Cisco Firepower 2110 Threat Defense v6.2.2 (build 81) - so not sure where I was getting the 750 from.
To build it I log in to the default mgt address 192.168.45.45, put in the 3 interfaces I need and also the routing table. When I log out of the webpage I can no longer get back into .. 45 even though I never changed it.
08-07-2019 03:45 AM
Are you plugging into the Management 1/1 interface directly?
We would generally recommend a new setup to follow the Quick Start Guide here:
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/ftd-fdm-2100-qsg.html
08-07-2019 08:35 AM
Hi,
I went through the document and set up my interfaces & routing but again I can't log in.
I haven't plugged it into my network yet - I am just trying to log in locally from my PC - is that the issue?
Current IP Addresses:
Interface    Name        IP address      Subnet mask    Method
Ethernet1/1  outside     192.168.3.100   255.255.255.0  manual
Ethernet1/2  inside      172.19.200.100  255.255.255.0  manual
Ethernet1/4  management  192.168.4.100   255.255.255.0  manual
I have tried all interfaces including the 192.168.45.45 diagnostic interface.
I need to get in and then add it to the FMC manager.
08-09-2019 08:56 PM
How are you connecting your local PC - is it plugged directly into the appliance's Gigabit Ethernet management interface?
Are you able to connect to the serial console?
For reference those are as shown below:
08-15-2019 07:03 AM
Martin,
08-15-2019 08:38 PM
When you ssh to your management address, please check and share the results of "show managers" command.
08-16-2019 02:16 AM
> show managers
No managers configured.
Maybe I have a faulty device or something.
08-16-2019 05:19 AM
Try this:
In order to enable the FDM On-Box management on the firepower 2100 series proceed as follows.
1. Console access into the FPR2100 chassis and connect to the FTD application.
firepower# connect ftd
>
2. Configure the FTD management IP address (if you want to change it).
>configure network ipv4 manual <address> <netmask> <gateway>
3. Configure the management type as local.
>configure manager local
4. Configure from which IP addresses/subnets the On-Box management access to the FTD will be allowed.
>configure https-access-list 0.0.0.0/0
5. Open a browser and https into the IP address you configured to manage the FTD; this will open the FDM (On-Box) manager.
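Added example, not part of the original reply: a small check for the value passed to `configure https-access-list` in step 4, flagging entries that admit every source (such as 0.0.0.0/0) and admin workstations that a narrower list would lock out. It assumes the argument is a comma-separated list of CIDR entries; the function name, the `max_hosts` threshold and the sample addresses are constructed for illustration.

```python
import ipaddress


def audit_https_access_list(value, admin_hosts, max_hosts=1024):
    """Return (severity, message) findings for an https-access-list argument.

    value:       argument given to 'configure https-access-list'
                 (assumed: comma-separated CIDR entries)
    admin_hosts: addresses that must still reach the on-box manager
    max_hosts:   hypothetical policy limit for a single entry's size
    """
    findings, networks = [], []
    for raw in value.split(","):
        entry = raw.strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            findings.append(("error", f"{entry}: not a valid address/prefix"))
            continue
        networks.append(net)
        if net.prefixlen == 0:
            # A /0 entry matches any client that can route to the interface.
            findings.append(("high", f"{entry}: allows every source address"))
        elif net.num_addresses > max_hosts:
            findings.append(
                ("medium", f"{entry}: {net.num_addresses} addresses allowed"))
    for host in admin_hosts:
        addr = ipaddress.ip_address(host)
        covered = any(addr.version == n.version and addr in n for n in networks)
        if not covered:
            # Applying this list would cut the admin off from the web UI.
            findings.append(("lockout", f"{host}: admin host not covered"))
    return findings


if __name__ == "__main__":
    # Constructed samples: the value from step 4, then a narrower list based
    # on the default management subnet mentioned in the thread.
    admin_pc = ["192.168.45.2"]
    for candidate in ("0.0.0.0/0", "192.168.45.0/24", "192.168.4.0/24"):
        print(candidate, "->", audit_https_access_list(candidate, admin_pc) or "ok")
```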
08-21-2019 01:26 PM
Marvin,
This worked well for me. I reset the FTD again but this time I went straight into these commands, but I only set up the Mgt (Diagnostic) port on my management network.
Then I added this command to manage the device remotely:
configure manager add 192.0.2.2 123456
Now I can connect to it from my FMC, which is on the same network, and now I have been able to set up the interfaces, routing tables, and policy.
Thanks again
Kevin