Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2110
Views
5
Helpful
5
Replies

CISCO FirePower 1120: How to monitor outside\WAN traffic?

AnthonyG1982
Level 1
Level 1

‎01-31-2023 01:12 AM

Hello Community,

I hope, I'm on the right Board posted.

I have a firepower 1120 device configured with dual WAN. Both ISP has their MRTG for internet monitoring. I observed frequent downtime in the primary ISP. When I informed my ISP, they always replied it was server maintenance and no service disruption, only the merge. Are there available logs on my Cisco firepower device available to check if there is traffic from the outside interface coming from ISP?

I hope someone can help me with this.

Thank you, Cisco community.

Labels:
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎01-31-2023 01:50 AM

Smaller drops you may not noticed in the NMS, since you may be polling the Data every 5min using SNMP, this was missing most of the NMS systems, these kind of issue you may need some realtime monitoring system to identify the issue.

On the Firepower do you do not see this until it failover automatically due to any SLA created.

best is setup any script to monitor ISP using the path to interent.

or setup a netflow to get any telemetry data.

or  decrease the snmp polling intervals to less than 10sec to monitor you can get any outcomes for the issue.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-31-2023 01:53 AM

If you are using FMC, you can look at the Health Monitor page for the device and set a custom period for the time you want to see interface statistics.

0 Helpful

AnthonyG1982
Level 1
Level 1

‎01-31-2023 02:52 AM

Thanks to both of you Marvin and Bandi.

The MRTG is owned and managed by ISP, and they provided me a copy of mrtg link to monitor it. Also, I'm not sure about FMC. How to check if FMC is installed or running on my device?

Thank you

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to AnthonyG1982

‎01-31-2023 05:15 AM

FMC is the Cisco Secure Firewall Management Center. It's an application that runs on a separate server. It provides a lot more functionality for an FTD installation; but it sounds like you don't have it.

The MRTG access would probably be your best bet for a small installation like yours. the on-box Firewall Device Manager (FDM) has very limited monitoring capability and what little it has is only real-time (i.e., almost no historical statistics).

0 Helpful

Aref Alsouqi
VIP
VIP

‎01-31-2023 05:28 AM

Not sure if the MRTG link you are provided with would show you the interfaces of the ISP devices only or if your firewall WAN interfaces stats are included?! if not, I would recommend to configure NetFlow on your firewall WAN interfaces, or using ICMP to monitor those interfaces via you own instance of MRTG. MRTG should alert you with some email notifications about any disconnection.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card