Re: Cisco Firepower 7120 mgmt port issue

yunsh63 · ‎09-09-2018

Hi.

I have a question.

I config mgmt port 8305 but can't connect ssh or web ui.

If i change mgmt port 443 -> web connect but ssh not connect.

If i change mgmt port 22 -> ssh connect but web not connect.

How do I handle this?

Marvin Rhoads · ‎09-09-2018

The management interface should be listening on all three of those tcp ports at the same time (subject to any access restrictions you have configured).

How are you making the changes you mentioned?

yunsh63 · ‎09-09-2018

Hi.

I can not connect fp7120-k9 to ssh or web ui.

But fmc to fp ping test is ok.

So i connect appliance and change mgmt tcp port 443. ('configure network management-port 443')

And connect web ui to fp.

But i can't web and ssh both.

Cisco recommend port 8305, but It can't be work.

FW is not block 8305.

Marvin Rhoads · ‎09-10-2018

Using the command you mention is only for the communications between the Firepower appliance and its managing FMC.

The interface for local management (via ssh or https) may have a policy on it limiting access to certain subnets. I'd change it back to the default tcp/8305 and get it registered to FMC and then push a platform policy that doesn't prevent your authorized devices from logging in. If you have issues with that, let us know.

yunsh63 · ‎09-12-2018

Thank you for your help.

I reinstall the OS 6.2.3 and it works very well.

Thanks.