Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1870
Views
1
Helpful
5
Replies

Enabling Mgmt intf from FXOS CLI when only console access is available?

cpaquet
Level 1
Level 1

‎09-29-2019 06:47 AM - edited ‎02-21-2020 09:32 AM

Mgmt interface is in 'shut enforce' mode

Client received FPR4100 over two months ago.  Rack-mounted it, went through setup mode and hasn't touched it since.  The only way I can access FPR4100 is via console port. I can't find how to enable mgmt interface, while looking at all those 'scope' options.  The enable password works; no need to do a password recovery.

 

1. what command do I need to type to issue the equivalent of 'no shut' on the management interface?

2. is the command issued from 'connect fxos' level?

 

I have attached 3 screen capture: sh run, sh inter mgmt0, sh ver.

Maybe my only option is to 'erase config'?

Any insight would be greatly 

Thanks.

Labels:
Preview file
149 KB
Preview file
10 KB
Preview file
100 KB
0 Helpful
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-29-2019 05:39 PM

Does the following work?

 

firepower # scope eth-uplink

firepower /eth-uplink # scope fabric

firepower /eth-uplink #/fabric # scope interface Mgmt0

firepower /eth-uplink/fabric/interface # enable

firepower /eth-uplink/fabric/interface* # commit-buffer

firepower /eth-uplink/fabric/interface # show

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/CLI_Reference_Guide/b_FXOS_CLI_reference/b_CLI_reference_chapter_010.html#wp2429791788

0 Helpful

cpaquet
Level 1
Level 1
In response to Marvin Rhoads

‎09-30-2019 08:22 AM

Thanks Marvin for your quick reply.   I had tried those commands on Firday.  I tried then again this AM.
Unfortunately, the suggested commands don't work for mgmt interface.

NGFW-02#
NGFW-02# scope eth-uplink
NGFW-02 /eth-uplink # scope fabric
NGFW-02 /eth-uplink/fabric # scope interface
1-5 Slot ID
n/n Ethernet<Slot Id>/<Port Id>

NGFW-02 /eth-uplink/fabric # scope interface mgmt0
^
% Invalid Value at '^' marker, accepted value is: 1-5
NGFW-02 /eth-uplink/fabric #
NGFW-02 /eth-uplink/fabric # scope interface
1-5 Slot ID
n/n Ethernet<Slot Id>/<Port Id>

NGFW-02 /eth-uplink/fabric #


Since the FPR4100 is not in production yet, from the console port, I erases its config and went through the setup mode.
Yet again, the mgmt0 interface came up in Administratively Down.

NGFW-02(fxos)# show interface mgmt0
mgmt0 is down (Administratively down)
Hardware: GigabitEthernet, address: d478.9ba1.c99d (bia d478.9ba1.c99d)
<output omitted>

 

I guess that the only option left is to do a factory-reset from rommon?

0 Helpful

cpaquet
Level 1
Level 1
In response to cpaquet

‎09-30-2019 02:29 PM

We resetted FPR4100 and now can access the FCM with https.   

It doesn't answer my original question of 'what is the command to 'no-shut' mgmt 0 of the chassis of FPR4100

If anyone knows, one day, please let me know.

Thanks.

0 Helpful

Amro
Level 1
Level 1

‎05-28-2024 05:12 AM

I am facing the same behavior on my FPR 4110 - Mgmt0 is no longer showing  

 /eth-uplink/fabric # scope interface
  1-5  Slot ID
  n/n  Ethernet<Slot Id>/<Port Id>
------
/eth-uplink/fabric # show interface

Interface:
    Port Name       Port Type          Admin State Oper State       Allowed Vlan State Reason
    --------------- ------------------ ----------- ---------------- ------------ ------------
    Ethernet1/1     Data               Enabled     Up               All          Port is enabled and up
    Ethernet1/2     Data               Enabled     Up               All          Port is enabled and up
    Ethernet1/3     Data               Disabled    Sfp Not Present  Untagged     Unknown
    Ethernet1/4     Data               Disabled    Sfp Not Present  All          Unknown
    Ethernet1/5     Data               Disabled    Sfp Not Present  All          Unknown
    Ethernet1/6     Data               Disabled    Sfp Not Present  All          Unknown
    Ethernet1/7     Data               Disabled    Admin Down       All          Administratively down
    Ethernet1/8     Data               Enabled     Up               All          Port is enabled and up

And the configuration saying Mgmt forced down : 

(fxos)# show running-config interface mgmt 0
!Command: show running-config interface mgmt0
!Time: Tue May 28 12:11:32 2024
version 5.0(3)N2(4.120)
interface mgmt0
  shutdown force
  ip address x.x.x.x.x/26

 

 

0 Helpful

tvotna
Spotlight
Spotlight
In response to Amro

‎05-29-2024 02:07 AM

Believe you or not, this is by design. Management interface is *always* displayed like this on FP4100.

Use:

connect local-mgmt
mgmt-port shut
mgmt-port no-shut

To configure IP address use:

scope fabric-interconnect a
show [detail]
set out-of-band static ip <ip_address> netmask <mask> gw <gw>

HTH

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card