09-12-2020 08:15 PM
hi,
i managed to perform an FTD OS upgrade from 6.4 to 6.5 but noticed the initial config i did for 6.4 was gone and had to re-configure. i thought the configuration is persistent in flash memory. is there a prior step that i should've done prior to an upgrade, say like a backup?
i configured MGMT1/1 as 192.168.1.45/24 (same as the "inside" subnet) and connected to eth1/2. it was able to get to the internet (DNS, NTP were green/up). but i don't see its L3 IP using any FTD show commands. i also can't ping 192.168.1.45 and HTTPS to it from my PC 192.168.1.10. is FDM web MGMT only accessible via GW 192.168.1.1?
> show version
-------------------[ firepower ]--------------------
Model : Cisco Firepower 1010 Threat Defense (78) Version 6.5.0 (Build 115)
UUID : ed6261ec-f4ad-11ea-8c52-8e7af62c5e24
Rules update version : 2019-08-12-001-vrt
VDB version : 309
----------------------------------------------------
> show interface summary
Interface Vlan1 "inside", is up, line protocol is up
Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
MAC address 5c5a.c7b8.f785, MTU 1500
IP address 192.168.1.1, subnet mask 255.255.255.0
Traffic Statistics for "inside":
4003 packets input, 1160157 bytes
5489 packets output, 4710386 bytes
354 packets dropped
1 minute input rate 2 pkts/sec, 568 bytes/sec
1 minute output rate 1 pkts/sec, 549 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 2 pkts/sec, 772 bytes/sec
5 minute output rate 2 pkts/sec, 729 bytes/sec
5 minute drop rate, 0 pkts/sec
Interface Ethernet1/1 "outside", is up, line protocol is up
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
MAC address 5c5a.c7b8.f7c8, MTU 1500
IP address 116.87.x.x, subnet mask 255.255.192.0
Traffic Statistics for "outside":
1155320 packets input, 68877527 bytes
7018 packets output, 1271712 bytes
3800 packets dropped
1 minute input rate 767 pkts/sec, 35847 bytes/sec
1 minute output rate 2 pkts/sec, 515 bytes/sec
1 minute drop rate, 2 pkts/sec
5 minute input rate 766 pkts/sec, 35982 bytes/sec
5 minute output rate 2 pkts/sec, 724 bytes/sec
5 minute drop rate, 2 pkts/sec
Interface Ethernet1/2 "", is up, line protocol is up <<< CONNECTED MGMT1/1
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/3 "", is up, line protocol is up
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/4 "", is down, line protocol is down
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/5 "", is down, line protocol is down
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/6 "", is down, line protocol is down
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/7 "", is down, line protocol is down
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Ethernet1/8 "", is down, line protocol is down
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
Available but not configured via nameif
Interface Management1/1 "diagnostic", is up, line protocol is up
Hardware is en_vtun rev00, BW Unknown Speed-Capability, DLY 1000 usec
Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
Input flow control is unsupported, output flow control is unsupported
MAC address 5c5a.c7b8.f781, MTU 1500
IP address unassigned
1243 packets input, 120537 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 pause input, 0 resume input
15 L2 decode drops, 0 demux drops
0 packets output, 0 bytes, 0 underruns
0 pause output, 0 resume output
0 output errors, 0 collisions, 2 interface resets
0 late collisions, 0 deferred
6 input reset drops, 0 output reset drops
input queue (blocks free curr/low): hardware (0/0)
output queue (blocks free curr/low): hardware (0/0)
Traffic Statistics for "diagnostic":
705 packets input, 60528 bytes
0 packets output, 0 bytes
688 packets dropped
1 minute input rate 0 pkts/sec, 31 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 30 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
Management-only interface. Blocked 0 through-the-device packets
09-13-2020 12:04 PM
09-13-2020 06:15 PM
i followed the upgrade path for major upgrade 6.4.0 to 6.5.0. it's very strange my config got lost.
how about my other question, is FDM web MGMT only accessible via GW 192.168.1.1 (from inside)? i already gave MGMT1/1 192.168.1.45 but can't ping or HTTPS to it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide