Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3323
Views
10
Helpful
9
Replies

cisco firepower is sending dns queries to open DNS 208.67.222.222

NetExprt
Level 1
Level 1

‎04-27-2020 04:06 PM

Dear ,

we noticed that cisco firepower FTD 2130 is sending DNS requests to the open DNS 208.67.222.222 which is not required and we didn't configured.

we need to disable this featrue , please advice

Labels:
0 Helpful
9 Replies 9

#Mat
Level 6
Level 6

‎04-27-2020 05:32 PM

Hi @NetExprt , from FMC > System > Administration interfaces you can change this configuration.

Umbrella's servers were configured in the first FMC boot.

 

Regards.-

.
0 Helpful

NetExprt
Level 1
Level 1

‎04-27-2020 07:02 PM

Thanks Mat ,

I already cheked that and found nothing there is configured with open DNS .

only our internal DNS is configured.

is there any embeded configuration cause this behavior ?

 

 

0 Helpful

#Mat
Level 6
Level 6

‎04-27-2020 11:45 PM

Hi there, I'm sorry but I got confused when I wrote about FMC, you asked about FTD.

Check from FTD CLI "show network" or "show running | grep 208.67.222.222"

Also, you can verify the platform setting from FMC if Umbrella server is configured.

 

 

is there any embeded configuration cause this behavior ?

They are preset if you don't change them when you install FTD. Anyway, you can also change them at any time.

 

Regards.-

 

HTH.

.

NetExprt
Level 1
Level 1

‎04-28-2020 02:05 AM

Excellent Mat

it is there , is it fine to change in working hours ?

0 Helpful

#Mat
Level 6
Level 6

‎05-01-2020 05:06 PM

Excellent Mat

it is there , is it fine to change in working hours ?

Hi there! If you change the Umbrella servers for any other DNS server that works, you shouldn't have to have trouble.

Hope this helps you, regards.-

.

dijeshkeloth
Level 1
Level 1
In response to #Mat

‎10-27-2022 04:09 AM

We have 2110 in platform mode. We see lot of dns requests from the management interface of firepower to the open dns servers. Although we have removed the open dns from the platform settings of the chassis manager, we still see dns queries from the management interface. Any suggestions?

0 Helpful

Chess Norris
Level 4
Level 4
In response to dijeshkeloth

‎10-27-2022 05:00 AM - edited ‎10-27-2022 05:05 AM

From the FTD CLI, do a "show network" to see if the open dns servers are still in use. You can change the DNS servers with the "configure network dns servers" command.

BTW. As far as I know, chassis manager are only availible on the 4100 and the 9300  series and not on the 2100.

/Chess

0 Helpful

dijeshkeloth
Level 1
Level 1
In response to Chess Norris

‎10-27-2022 05:24 AM

Hi Chris,

 

2100 in platform mode has chassis manager:

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/asa-platform.html

show network command does not work on the fxos cli.

Thanks,

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to dijeshkeloth

‎10-27-2022 06:00 AM

@dijeshkeloth "connect ftd" first or login directly to the FTD management interface. Then you can run the "configure network..." commands.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card