Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
199
Views
1
Helpful
2
Replies

Firepower 1010 switchports stop responding after power outage

rbgnr111
Level 1
Level 1

‎04-30-2024 05:57 AM

Does anyone have a permanent fix they have found for this? I've opened a ticket with Cisco on this issue, and was just told use my workaround, that this is a known issue and it would be resolved in the next release. That was in December. There has been a release, but it was not resolved. The only part that looks like it may have been fixed in the latest release is where the SSL certificate disappears after a power outage. I have 5 remote sites running version 7.2.6 now, we'd previously been running 7.2.5.

 

This only appears to happen on ports configured as switchports, I have trunking configured too, but every time there is a loss of power everything internally goes down because the switchport on the firepower 1010 stops responding. 

from the firewall, I can see arp, and that there are devices out there. I cannot ping anything, and the devices on the network are not able to see anything beyond their vlan segment. 

the workaround I've found works (though I shouldn't need to do this every time the firewall reboots):

1. reconfigure the switchport interfaces to routed

2. deploy the config

3. configure the interface back to switchport, and apply vlan configurations

4. deploy config

 

after doing that it works again, at least until the next power outage. 

 

 

 

Labels:
0 Helpful
2 Replies 2

Aref Alsouqi
VIP
VIP

‎04-30-2024 06:17 AM

I never came across this issue before, however, if TAC confirmed that this is a bug and would be fixed in the next release, probably I would downgrade back to 7.2.5 until that release is out and then upgrade again.

0 Helpful

rbgnr111
Level 1
Level 1
In response to Aref Alsouqi

‎04-30-2024 09:42 AM

I'd opened the TAC incident when it was running 7.2.5, and just recently saw 7.2.6 come out. All of the issues with 7.2.5 and cisco saying to move to the next release was why we installed 7.2.6.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card