11-12-2024 11:05 AM
HA failover was not working so I broke the HA and was going to reconfigure it. I rebooted the 2 Firepowers (2130) and when they came back up they lost their interface configuration. I'm trying to set up the management interface and get to the FDM and configure the interfaces, but have not been successful. We were using the Management 1/1 interface to access thru the browser.
I used the commands:
configure network management-port ! it did not accept this I have to put a port number in so the cli backup shows 8305
configure network ipv4 192.168.200.20 255.255.255.0 192.168.200.1
It took the config, but I can't access it or even ping it?
Can anyone help?
11-12-2024 11:11 AM - edited 11-12-2024 11:13 AM
>configure manager local
You need this to access the FTD via FDM.
If the above does not work, try deleting the mgmt config (for more info, check this link: https://www.lookingpoint.com/blog/resetting-a-cisco-ftd-appliance-back-to-factory-default)
MHM
11-12-2024 12:05 PM
I need to get to the GUI thru the browser and I can't do that. The link you provided is to reset the firepower to the factory default which is not an option. I just need to configure the interfaces back to where they were?
11-12-2024 12:51 PM
The "configure network management-port <#>" command is to change the port used for the sftunnel, so I don't see a legitimate reason for you to use this command at this point.
And to clarify, before you rebooted the appliances, were they FMC managed or were they FDM managed?
Assuming that you were using FDM previously?
And assuming you used the
"configure network ipv4 manual 192.168.200.20 255.255.255.0 192.168.200.1"
command, and that the management interface is connected to the 192.168.200.0 segment, you should be able to access the device via SSH (if SSH is enabled), and ping it.
Do you see it in the ARP table of the adjacent network equipment? Have you tried connecting a laptop directly into the mgmt port of the FTD device?
And when you say that you lost all interface configuration, breaking the H/A shouldn't have affected the management interfaces.
So it's also possible you have a bigger problem that you should consult TAC about.
11-13-2024 06:43 AM
I was able to connect directly to the mgmt port and access the GUI and make the changes needed and it worked. Thanks for all your comments.