Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi all,

I want to test whether my IPS Appliance Firepower 7120 can reach my Syslog server in a different subnet by using Ping.

So, I SSH into the Appliance but I cannot find a way to execute the Ping command.

Below is the information on the Appliance:

Cisco Fire Linux OS v6.4.0 (build 2)
Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Can anybody help?

Thanks and regards,

tangsuan

1 ACCEPTED SOLUTION

Hall of Fame Guru

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

You need to switch to expert mode and then sudo to be root user.

Cisco Fire Linux OS v6.4.0 (build 2)
Cisco FirePOWER 7125 v6.4.0.9 (build 62)

> expert
admin@Sourcefire3D:~$ ping 8.8.8.8
ping: icmp open socket: Operation not permitted
admin@Sourcefire3D:~$ sudo su -
Password: 
Last login: Sat Jul 25 06:23:25 UTC 2020 on ttyp0
root@Sourcefire3D:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=116 time=8.24 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=116 time=8.36 ms
64 bytes from 8.8.8.8: icmp_req=3 ttl=116 time=8.33 ms
64 bytes from 8.8.8.8: icmp_req=4 ttl=116 time=8.36 ms
64 bytes from 8.8.8.8: icmp_req=5 ttl=116 time=8.31 ms
64 bytes from 8.8.8.8: icmp_req=6 ttl=116 time=8.34 ms
64 bytes from 8.8.8.8: icmp_req=7 ttl=116 time=8.30 ms
64 bytes from 8.8.8.8: icmp_req=8 ttl=116 time=8.36 ms
64 bytes from 8.8.8.8: icmp_req=9 ttl=116 time=8.34 ms
64 bytes from 8.8.8.8: icmp_req=10 ttl=116 time=8.30 ms
^C
--- 8.8.8.8 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9007ms
rtt min/avg/max/mdev = 8.248/8.327/8.369/0.127 ms
root@Sourcefire3D:~# 

Beginner

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi Marvin,

Thanks for your suggestion, it works.

I can ping our Syslog server and it shows that the route to the Syslog server is OK.

I have a follow-up question, if you can help, as below:

On the Appliance itself, is there any way, without the FMC, that I can set the Syslog server either by SSH or GUI (HTTPS login)?

Thanks and regards,

Tangsuan Tan

Hall of Fame Guru

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

No. The 3-series appliances are designed to work with a managing Firepower Management Center (FMC).

FMC is where you set the syslog server, create rules, manage the system etc.

Beginner

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi Marvin,

Thanks for your reply on the Appliance Syslog setup.

You mentioned that 3-series Appliances are designed to work with a managing Firepower Management Center (FMC).

However, my Appliance is a FirePOWER "7120"; isn't it a "7" series that can do the Syslog setup on the Appliance itself? Please clarify. Thanks!

Regards,

tangsuan

Hall of Fame Guru

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Series 3 (or "3 series") is the third series of Sourcefire physical appliances (rebranded as Cisco following the 2013 acquisition). All 7000 Series and 8000 Series devices are Series 3 appliances.

Reference table 3 here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#reference_9C7ED89DF14645BDA166E80F7BDA5FB7

Beginner

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi Marvin,

Many thanks for all your help.

Now I have one more question: if I SSH to the FMC, how can I check that the Syslog configuration is already configured, and how can I know whether the Syslog is sending the log to the Syslog server?

This is because I have successfully set the Syslog and it is 'In Used', but when we check the traffic through the firewall, there is no traffic from this FMC to the Syslog server. That's why I want to ensure the configuration is there and that the sending of logs is working.

Appreciate your reply and hope to hear from you soon.

Many thanks!

Regards,

tangsuan

Hall of Fame Guru

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

From a cli session you could switch user to root (sudo su -) and run tcpdump filtering on udp/541 (syslog) packets.
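
One way to act on the tcpdump suggestion above, as an added example that is not part of the original thread: it builds a capture filter for datagrams addressed to the syslog collector and counts the matches in `tcpdump -n` output. The collector address 192.0.2.50, interface eth0 and UDP port 514 (the standard syslog port) are assumptions, and the sample capture is constructed.

```bash
#!/bin/sh
# Added example, not from the thread. Assumed values: collector 192.0.2.50,
# interface eth0, UDP 514 (the standard syslog port; use the port your
# syslog alert is actually configured with).

# BPF filter that matches only UDP datagrams addressed to the collector.
syslog_filter() {    # $1 = collector IP, $2 = UDP port
  printf 'udp and dst host %s and dst port %s' "$1" "$2"
}

# Count packets addressed to collector:port in `tcpdump -n` text on stdin.
# With -n each line reads "<time> IP <src>.<sport> > <dst>.<dport>: ...".
count_to_collector() {    # $1 = collector IP, $2 = UDP port
  awk -v want="$1.$2:" '$4 == ">" && $5 == want { n++ } END { print n + 0 }'
}

# Turn the count into a verdict that says where to look next.
verdict() {    # $1 = packet count
  if [ "$1" -gt 0 ]; then
    echo "sending: datagrams leave this host; check the path and the collector"
  else
    echo "silent: nothing sent; check the syslog alert configuration and policy"
  fi
}

# Live use as root on the appliance (commented out so the demo runs offline):
#   tcpdump -n -i eth0 -c 20 "$(syslog_filter 192.0.2.50 514)" \
#     | count_to_collector 192.0.2.50 514

# Constructed sample of tcpdump -n output (not captured from a real device).
sample_capture() {
  cat <<'EOF'
06:30:01.000101 IP 10.1.1.5.40112 > 192.0.2.50.514: SYSLOG local4.alert, length: 212
06:30:01.000350 IP 10.1.1.5.53211 > 10.1.1.1.53: 4321+ A? example.test. (30)
06:30:02.114872 IP 10.1.1.5.40112 > 192.0.2.50.514: SYSLOG local4.alert, length: 198
06:30:03.561200 IP 10.1.1.5.40112 > 192.0.2.60.514: SYSLOG local4.info, length: 90
EOF
}

n=$(sample_capture | count_to_collector 192.0.2.50 514)
echo "$n packets -> $(verdict "$n")"
```

A count of zero on the sending host while events are being generated points at the alert configuration rather than at the firewall path.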

Beginner

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi Marvin,

Thanks for your reply.

I tried to SSH to the FMC using the username and password used for HTTPS access, but it was not successful. May I know how to reset the SSH access to the FMC, or create a new SSH account after HTTPS access?

Thanks and regards,

tangsuan

Hall of Fame Guru

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

The GUI user account and cli user account are separate objects even if they have the same username (e.g., "admin").

If you lose the admin cli credential then you need to use the password recovery method described here:

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118631-technote-firesight-00.html#anc8

Beginner

Re: Execute Ping Command in Cisco FirePOWER 7120 v6.4.0.9 (build 62)

Hi Marvin,

Thanks a lot for all your replies.

Appreciate your help.

Regards,

tangsuan