2130 Firepower lost interface configuration when configuring HA

DSterling
Level 1

HA failover was not working so I broke the HA and was going to reconfigure it. I rebooted the 2 Firepowers (2130) and when they came back up they lost their interface configuration. I'm trying to set up the management interface and get to the FDM and configure the interfaces, but have not been successful. We were using the Management 1/1 interface to access thru the browser.

I used the commands:
configure network management-port ! It did not accept this; I have to put a port number in, so the CLI backup shows 8305
configure network ipv4 192.168.200.20 255.255.255.0 192.168.200.1

It took the config, but I can't access it or even ping it?

Can anyone help?

Accepted Solution

The "configure network management-port <#>" command is to change the port used for the sftunnel, so I don't see a legitimate reason for you to use this command at this point.

And to clarify, before you rebooted the appliances, were they FMC managed or were they FDM managed?
Assuming that you were using FDM previously?

And assuming you used the 
"configure network ipv4 manual 192.168.200.20 255.255.255.0 192.168.200.1"
command, and that the management interface is connected to the 192.168.200.0 segment, you should be able to access the device via SSH (if SSH is enabled), and ping it.
Do you see it in the ARP table of the adjacent network equipment? Have you tried connecting a laptop directly into the mgmt port of the FTD device?

And when you say that you lost all interface configuration, breaking the H/A shouldn't have affected the management interfaces.
So it's also possible you have a bigger problem that you should consult TAC about.

 


4 Replies

>configure manager local

You need this to access the FTD by FDM.

If the above does not work, try deleting the mgmt config (for more info check this link: https://www.lookingpoint.com/blog/resetting-a-cisco-ftd-appliance-back-to-factory-default)

MHM 

I need to get to the GUI thru the browser and I can't do that. The link you provided is to reset the Firepower to the factory default, which is not an option. I just need to configure the interfaces back to where they were?

DSterling
Level 1

I was able to connect directly to the mgmt port and access the GUI and make the changes needed and it worked. Thanks for all your comments.
