cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


12987
Views
31
Helpful
9
Replies
Frequent Contributor

IP Address Change - Virtual FMC

I am looking to change IP address of our FirePOWER Management Center which is virtual. I can see option to do this via the standard GUI but read conflicting info that I may need to ssh and also run some command line? Can anyone clear this up?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Master

The FirePOWER Management

The FirePOWER Management Center address can be changed from the GUI as you noted.

There is a console-based procedure that can be used in the event that you only have console access (initial setup, original IP lost/unknown, remote network only accessible via console server, etc.)

An ASA FirePOWER module needs to be changed from the cli as those do not have any graphical interface.

9 REPLIES 9
Hall of Fame Master

The FirePOWER Management

The FirePOWER Management Center address can be changed from the GUI as you noted.

There is a console-based procedure that can be used in the event that you only have console access (initial setup, original IP lost/unknown, remote network only accessible via console server, etc.)

An ASA FirePOWER module needs to be changed from the cli as those do not have any graphical interface.

Frequent Contributor

Thanks Marvin.

Thanks Marvin.

I read somewhere, possibly on here that when someone changed the FMC IP, the FirePOWER modules that were registered against it somehow automagically picked up the new FMC address without them doing anything. Not a problem if not. I will add re register the modules to new IP.

Highlighted

Re: Thanks Marvin.

Hey mate, 

did you do this in the prod network , if so, what was the impact of this to the registered devices?

 

Did FMC discover all of them automatically ?

 

Thanks,

Prashant

 

Beginner

Re: The FirePOWER Management

Hi Mavin, I found out that my FMC IP also needs to be changed soon due to some conflicts. I hope process is straight forward as below.
1. Back up FMC/FTD configs
2. Change IP of FMC
3. Remove manager from appliances (FTDs)
4. Re-add those appliances with changed FMC IP
Since everything is in production, dont want to make much interruption.

Any suggestions....Thanks in advance!
Beginner

Re: IP Address Change - Virtual FMC

Via virtual appliance console;

sudo ifconfig eth0 x.x.x.x/x

sudo ip route add default via x.x.x.x

Enthusiast

Re: IP Address Change - Virtual FMC

The better way to do this is to execute the configure-network script.

 

sudo su

/etc/sysconfig/configure-network

 

 

Beginner

Re: IP Address Change - Virtual FMC

Is this script also at:

/usr/local/sf/bin/configure-network?

Our is the location specific to FMC version?

Thanks,
Beginner

Re: IP Address Change - Virtual FMC

FMC & FTD are not typical linux operating systems they are based on firepower and you need to know firepower if you want to fix console and shell issues. I was facing same issues i wanted to change management IP address because i lost access to old subnet i tried to vi default network files but they have scripts instead of typical linux options so don't mess up with them you will eventually crash your equipment if you want to change management IP address of these equipment run below command on firepower

 

 

>expert
if you need "sudo su" ok go ahead provide credential

now type below command

"sudo /usr/local/sf/bin/configure-network" >>> follow the network setup instructions!

Sheraz

Enthusiast

Re: IP Address Change - Virtual FMC

What happened to FTD after you change FMC IP address? any steps there? did they go down?

 

CCIE 18676