Cisco ASA>FTD mgmt


Hello team,

We recently re-imaged 5516-x to FTD.

I am not able to access it using IP assigned to mgmt ip

When I do "show network"


===============[ System Information ]===============
Hostname : testftd
Management port : 8305
IPv4 Default route
Gateway :

======================[ br1 ]=======================
State : Enabled
Channels : Management & Events
Mode : Non-Autonegotiation
MTU : 1500
MAC Address : 03:AB:C4:C7:70:96
----------------------[ IPv4 ]----------------------
Configuration : Manual
Address :
Netmask :
Broadcast :
----------------------[ IPv6 ]----------------------
Configuration : Disabled

===============[ Proxy Information ]================
State : Disabled
Authentication : Disabled

When I ping or it says 

No route to host X.X.X.X


When I checked in LINA engine Mgmt1/1 interface is admin down.

I selected option to manage it locally while setup.


How can I access it ?

So here what helped me get access.

Configuration register was set as 0x41 so it was not loading default FTD configuration so mgmt interface was showing in admin down state. We changed it to 0x01 from ROMMON mode and now I was able to access it using mgmt interface IP address.

Use the command "ping system"




Hello Rob,

It's pinging. But from outside I am not able to access that IP using https.

If you are using FMC to manage the FTD then you don't connect to it directly on https. You now need to configure it using the FMC.


I am not using FMC, I am planning to administer it locally only using FDM.

Also I tried ping to gateway "ping system" and it's not pinging. Switch port config is good I double checked.


Sorry, my mistake, for some reason I thought you were using and FMC.


Have you attempted to connect to the FTD using https from a PC in the same VLAN?

To answer your previous question, you wouldn't be able to access the FTD from the outside, because until you've configured the FTD there is no outside interface, only the mgmt interface.

Unfortunately I do not have any PC in that LAN right now. I am trying to ping from switch( to which it's mgmt is connected) but not able to ping. 

If gateway is correct than I should be able to ping gateway and any device should be able to ping it.

I am trying to https it via mgmt IP from different subnet but no luck.


I have connected laptop to inside interface. I can ping it but not https/ssh.

Moreover I see some cts config already present on it apart from

interface GigabitEthernet1/2
nameif inside
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 100

ip address

Do I need to enable something from ftd?