07-17-2024 04:29 AM
Hi there,
Does allocating an IP to diagnostic interface would cause traffic to the firewall drop completely?
Just learnt this by the hard way. Diagnostic interface is enabled by default so I just added an IP, same range as the management interface as it should.
The doc below doesn't say anything about the traffic disruption, so deployed the interface update.
Then everything stopped working for a few minutes.
07-17-2024 05:24 AM
Apologies, there was a typo, I've managed to enter the FMC IP address in the Diagnostic interface!
BGP router IP is the FMC IP address, so I understand why BGP dropped off, but don't understand why Internet went down as well.
07-17-2024 05:34 AM
There are two traffic
Data and mgmt traffic
Data traffic use defualt route
Mgmt traffic use defualt route and can use diagnostic GW if config' I think this what will make issue here your mgmt traffic use diagnostic gw to access internet and hence it drop and if mgmt can not access internet the data traffic will also drop.
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide