Those versions should be

banst8801 · ‎11-03-2016

Hi everyone,

I have an ASA 5506-X with Firepower services. Everything was working fine, I installed the proper licenses, I could see and config Firepower module from ASDM. But then I couldn´t see the Firepower module in ASDM. I did a reset on the ASA, I did a sw-module module sfr reset on the firepower module and nothing! I can´t access to firepower module.

I executed the commands below:

asa# session sfr

FW login: admin
Password:

Last login: Thu Nov 3 07:32:25 UTC 2016 on pts/0

Copyright 2004-2015, Cisco and/or its affiliates. All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.

Cisco Linux OS v5.4.1 (build 12)
Cisco ASA5506 v5.4.1 (build 211)

>
> show network
>
> show summary
>
> show traffic-statistics
Unable to access DetectionEngine::bulkLoad
> show ifconfig
cplane Link encap:Ethernet HWaddr 00:00:00:02:00:01
inet addr:127.0.2.1 Bcast:127.0.255.255 Mask:255.255.0.0
inet6 addr: fe80::200:ff:fe02:1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:643 errors:0 dropped:0 overruns:0 frame:0
TX packets:221 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37845 (36.9 Kb) TX bytes:16297 (15.9 Kb)

eth0 Link encap:Ethernet HWaddr 00:78:88:55:5A:37
inet addr:10.77.50.58 Bcast:10.77.50.63 Mask:255.255.255.248
inet6 addr: fe80::278:88ff:fe55:5a37/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:137 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:243 (243.0 b) TX bytes:5970 (5.8 Kb)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.255.255.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:331 errors:0 dropped:0 overruns:0 frame:0
TX packets:331 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:22842 (22.3 Kb) TX bytes:22842 (22.3 Kb)

For some reason when I execute show network, there is any output. And when I try to configure IP address manually I get this: ¨Unable to access DetectionEngine::bulkLoad¨

Also when I execute the startup wizard, I can only reach step 8, the screen stay like freeze. Step 9 is configuration regarding to firepower module.

Regards

Marvin Rhoads · ‎11-03-2016

Please share the output from ASA cli of:

show module sfr detail

Also please tell us your ASA and ASDM versions.

banst8801 · ‎11-10-2016

Hello Marvin,

Thanks for try to help.

I did a reimage in the firepower module. Apparently now it is working ok.

Here the output of show module sfr detail:

ciscoasa# show module sfr details
Getting details from the Service Module, please wait...

Card Type:          FirePOWER Services Software Module
Model:              ASA5506
Hardware version:   N/A
Serial Number:      JAD201005TU
Firmware version:   N/A
Software version:   6.0.0-1005
MAC Address Range: 0078.8855.5a37 to 0078.8855.5a37
App. name:          ASA FirePOWER
App. Status:        Up
App. Status Desc:   Normal Operation
App. version:       6.0.0-1005
Data Plane Status: Up
Console session:    Ready
Status:             Up
DC addr:            No DC Configured
Mgmt IP addr:       192.168.1.2
Mgmt Network mask: 255.255.255.0
Mgmt Gateway:       192.168.1.1
Mgmt web ports:     443
Mgmt TLS enabled:   true

-----------------------------------------------------------------

ASDM and ASA versions:

ciscoasa# show version

Cisco Adaptive Security Appliance Software Version 9.5(2)
Device Manager Version 7.5(2)

Compiled on Sat 28-Nov-15 00:16 PST by builders
System image file is "disk0:/asa952-lfbff-k8.SPA"

Do you think the versions are ok? I mean compatibility is ok?

Regards

Marvin Rhoads · ‎11-10-2016

Those versions should be compatible. Cisco lists them as such here:

http://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#id_38012

Does your management still fail?

ASA 5506-X Cannot manage Firepower module