Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
802
Views
20
Helpful
3
Replies

Configuring FirePower on ASA: difficulties

Go to solution
Ilya Semenov
Level 1
Level 1

‎10-05-2017 02:21 AM - edited ‎02-21-2020 06:26 AM

Hello, everybody!

 

I have ASA 5512-X deployed and FMC 6.1 installed. ASA in a routed mode.

I've tried to configure it using this: https://www.cisco.com/c/en/us/td/docs/security/asa/quick_start/sfr/firepower-qsg.html 

 

The problem is I can't establish connection between them. ASA's Management interface ip address cannot be reached from anywhere. 

After I do SFR setup process I could not ping anything from IP configured.

 

asasfr-boot>setup


Welcome to Cisco FirePOWER Services Setup
[hit Ctrl-C to abort]
Default values are inside []

Enter a hostname [asasfr]:
asasfr
Do you want to configure IPv4 address on management interface?(y/n) [Y]:
Y
Do you want to enable DHCP for IPv4 address assignment on management interface?(y/n) [N]:
N
Enter an IPv4 address [192.168.8.8]: 192.168.1.3
Enter the netmask [255.255.255.0]:
255.255.255.0
Enter the gateway [192.168.8.1]: 192.168.1.1
Do you want to configure static IPv6 address on management interface?(y/n) [N]:
N
Stateless autoconfiguration will be enabled for IPv6 addresses.
Enter the primary DNS server IP address: 192.168.16.8
Do you want to configure Secondary DNS Server? (y/n) [n]: y
Enter the secondary DNS server IP address: 8.8.8.8
Do you want to configure Local Domain Name? (y/n) [n]: n
Do you want to configure Search domains? (y/n) [n]: n
Do you want to enable the NTP service? [Y]: y
Enter the NTP servers separated by commas: 192.168.16.8
Do you want to enable the NTP symmetric key authentication? [N]:
N
Please review the final configuration:
Hostname: asasfr
Management Interface Configuration

IPv4 Configuration: static
IP Address: 192.168.1.3
Netmask: 255.255.255.0
Gateway: 192.168.1.1

IPv6 Configuration: Stateless autoconfiguration

DNS Configuration:
DNS Server:
192.168.16.8
8.8.8.8

NTP configuration:
192.168.16.8
CAUTION:
You have selected IPv6 stateless autoconfiguration, which assigns a global address
based on network prefix and a device identifier. Although this address is unlikely
e suggest you use static addressing instead.l stop functioning correctly.

Apply the changes?(y,n) [Y]: y
Configuration saved successfully!
Applying...
Restarting network services...
Restarting NTP service...
Done.
Press ENTER to continue...
asasfr-boot>

 

Please, help me!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Long
Level 1
Level 1

‎10-05-2017 07:51 AM - edited ‎10-05-2017 07:53 AM

This is what I use

 

link

 

Pete

View solution in original post

3 Replies 3

Go to solution
Karsten Iwen
VIP
VIP

‎10-05-2017 04:33 AM

Setting up the boot-system is only the first step of installing SFR. Next you have to install the SFR system:

https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

Go to solution
Peter Long
Level 1
Level 1

‎10-05-2017 07:51 AM - edited ‎10-05-2017 07:53 AM

This is what I use

 

link

 

Pete

Go to solution
Karsten Iwen
VIP
VIP
In response to Peter Long

‎10-05-2017 07:56 AM

yes, now continue with the step
"asasfr-boot>system install ..."
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card