Solved: Re: Diagnostic interface on FTD 2110

tebogo.pholo1 · ‎06-08-2020

Getting error when trying to configure Diagnostic interface on the same subnet as management interface. i have a management switch as the gateway and FMC/SSH can get to the FTD via management ip without any issue. I need diagnostic interface for SNMP

Not sure where the issue could be

FMC >> ip address x.x.x.x x.x.x.x
hostname1 >> error : ERROR: Address is in use by routing instance of different network type
Config Error -- ip address x.x.x.x x.x.x.x

Other logs

Lina configuration application failure log:
Rollback skipped as Lina and SNORT are in sync
write mem executed as Lina and SNORT are in sync

tebogo.pholo1 · ‎06-17-2020

The issue is basically caused by dynamic routing, in my case i need to remove bgp configurations, setup the ip address of diagnostic interface and reconfigure the bgp. Below link has more details

https://finkotek.com/cisco-asa-error-address-is-in-use-by-routing-instance-of-different-network-type/

View solution in original post

Marvin Rhoads · ‎06-08-2020

I'm not sure where the output you provided comes from. I'm not familiar with the "FMC>>" prompt.

Is your current management interface in the same subnet as a data interface? If it is, that has to change to add a configuration for the diagnostic interface.

tebogo.pholo1 · ‎06-08-2020

Hello, my current management interface and data interface are in different subnet. i am trying to add diagnostic interface in the same subnet is management which clearly is giving me an error.

Marvin Rhoads · ‎06-09-2020

Please share the output of "show network" from the FTD cli and well as a screen shot of the interface configuration you are trying to deploy from FMC.

Here is a working example:

> show network
===============[ System Information ]===============
Hostname                  : ftdv-2.ccielab.mrneteng.com
Domains                   : ccielab.mrneteng.com
DNS Servers               : 172.31.1.8
Management port           : 8305
IPv4 Default route
  Gateway                 : 172.31.4.1
  Netmask                 : 0.0.0.0


======================[ eth0 ]======================
State                     : Enabled
Link                      : Up
Channels                  : Management & Events
Mode                      : Non-Autonegotiation 
MDI/MDIX                  : Auto/MDIX 
MTU                       : 1500
MAC Address               : 00:0C:29:F7:15:A8
----------------------[ IPv4 ]----------------------
Configuration             : Manual
Address                   : 172.31.4.5
Netmask                   : 255.255.255.0
Gateway                   : 172.31.4.1
----------------------[ IPv6 ]----------------------
Configuration             : Disabled

===============[ Proxy Information ]================
State                     : Disabled
Authentication            : Disabled

>

FTD interfaces.PNG

tebogo.pholo1 · ‎06-09-2020

attached but I could not fully reveal details of IP addresses. please let me know if these does help.

Just to make you aware. standalone FTD at one of our side did not give me issue when configuring diagnostic interface on the same subnet as the management interface. The one that is giving errors is in HA pair.

Marvin Rhoads · ‎06-11-2020

I just verified on one of my deployments that has 2100 series (2140 in this case) running 6.4.0.7. The change to configure the previously unaddressed diagnostic interface in the same subnet as management worked fine.

Perhaps you should open a TAC case for more in depth troubleshooting.

tebogo.pholo1 · ‎06-11-2020

Thanks @Marvin Rhoads , already raised a case with Cisco TAC. Will feedback when i get a response from TAC

tebogo.pholo1 · ‎06-17-2020

The issue is basically caused by dynamic routing, in my case i need to remove bgp configurations, setup the ip address of diagnostic interface and reconfigure the bgp. Below link has more details

https://finkotek.com/cisco-asa-error-address-is-in-use-by-routing-instance-of-different-network-type/