05-05-2023 01:47 PM
Hello,
I'm facing an issue with a ASA5506-X with Firepower Services that I need help from the community to solve.
The situation is that I try to manage the firewall from ASDM without FMC, but the tab "ASAFirepower configurations" not show up and I cannot figure out what I need to do to fix the issue.
> show managers
Managed locally.
> show interfaces
---------------------[ inside ]---------------------
Physical Interface : Port-channel1
Type : ASA
Security Zone : None
Status : Enabled
Load Balancing Mode : N/A
---------------------[ cplane ]---------------------
IPv4 Address : 127.0.2.1
----------------------[ eth0 ]----------------------
Physical Interface : eth0
Type : Management
Status : Enabled
MDI/MDIX : Auto
MTU : 1500
MAC Address : 00:27:E3:04:CA:A2
IPv4 Address : 192.168.1.251
----------------------[ tun1 ]----------------------
IPv6 Address : fdcc::bd:0:ffff:a9fe:1/64
---------------------[ tunl0 ]----------------------
----------------------------------------------------
Show> network
===============[ System Information ]===============
Hostname : firepower
Domains : example.net
Management port : 8305
IPv4 Default route
Gateway : 192.168.1.1
======================[ eth0 ]======================
State : Enabled
Channels : Management & Events
Mode : Non-Autonegotiation
MDI/MDIX : Auto/MDIX
MTU : 1500
MAC Address : 00:27:E3:04:CA:A2
----------------------[ IPv4 ]----------------------
Configuration : Manual
Address : 192.168.1.251
Netmask : 255.255.255.0
Broadcast : 192.168.1.255
----------------------[ IPv6 ]----------------------
Configuration : Disabled
===============[ Proxy Information ]================
State : Disabled
Authentication : Disabled
From ASA FirePower Status I can read -> Connect to the ASA FirePOWER application: https://No_DC_Configured (image attached).
What should I do to fix that?
Thanks in advanced.
Solved! Go to Solution.
05-05-2023 02:30 PM
Yes I guess this is problem here,
you need to access ASDM through the inside interface because the management interface is NOW not represent ASA it represent firepower.
check link above.
05-05-2023 01:58 PM
First i need to see asa inside and management config
Also I need to see
Debug http 255
05-05-2023 02:19 PM - edited 05-05-2023 02:20 PM
Sure, let me share with you:
interface Management1/1
management-only
nameif mgmt
security-level 0
ip address 192.168.1.251 255.255.255.0
!
interface Port-channel1
lacp max-bundle 8
shutdown
nameif inside
security-level 100
no ip address
!
Port-channel1 that will be the inside interface not have yet any ip address assigned. I access the ASDM via mgmt interface 192.168.1.251 connected directly to mgmt Port on ASA.
The debug http 255 file I attached.
Thanks in advance.
05-05-2023 02:30 PM
Yes I guess this is problem here,
you need to access ASDM through the inside interface because the management interface is NOW not represent ASA it represent firepower.
check link above.
05-05-2023 02:51 PM
Of course, problem solved, thank you very much for your help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide