
Firepower Threat Defense 6.2.3 CLI interface

BadPigeon
Level 1

My company purchased some Cisco 2110 running Firepower Threat Defense v6.2.3 OS.

As I work remotely, I got someone to patch the new Cisco 2110 to the lab PC console port, as well as the 2110 ethernet 1/2 (inside interface) to a lab switch port that I can route to. The idea was a simple one: we use the inside data interface as the management interface, so all I had to do is set the eth1/2 interface on the lab IP subnet and change the default gateway so I can route out of the lab. Then I can get to the 2110 from anywhere via IP and configure the box via the web-based Firepower Device Manager.

 

I read the config PDF and half the command refs and cannot work out how to:

1) configure ethernet1/2 inside int as management/data interface and change IP

2) set/change default gateway

3) disable DHCP on the 2110 so it doesn't interfere with the lab DHCP

4) disable management interface "interface Management1/1"

 

What used to be simple, like "interface ethernet1/2" then configure the int IP, or a single command to set the default gateway, is now mission impossible. "no" in front of the command, or anything else I can think of, no longer works. How do we now go into interface configuration via CLI? I am sure there is a simple logical solution to this. Any ideas/suggestions are much appreciated. Tx


balaji.bandi
Hall of Fame
Accepted Solution

The only interface which you can configure from CLI is the management
interface. Once you complete this, you should be able to configure FP
appliance from FDM or FMC.

configure network ipv4 manual #ip# #mask# #gateway#

Thank you for that reply; that now makes sense. I will have to get someone to change the management IP to our local LAN IP so I can get to it remotely and configure the box, then have them repatch to the inside network port eth1/2.

I don't suppose you would know if there are any issues using the management interface as the data inside interface, or is it the case with this new kit that we are expected to have the management / data segregation via two physical ports > management 1/1 & ethernet 1/2 (inside)?

Kind Regards
Dario