Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
590
Views
2
Helpful
6
Replies

Firepower 1010

Go to solution
BornJames
Level 1
Level 1

‎07-07-2023 06:51 PM - edited ‎07-07-2023 07:55 PM

Hello Team,

Have set up firewall with basics as well as some firewall rules. Everything seems to be working fine.

However on the front page for the internet link I am seeing "gateway cannot be reached through port ethernet 1/1"

BornJames_0-1688778981677.png

BornJames_1-1688779060018.png

 

 

Also rules like simple ones any any or even if I specify ports "HTTPS"  works fine, however when im adding fqdn it stops working, is there a special way of adding the rules ?

 

anyone knows what could be the issue?

1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to BornJames

‎07-08-2023 03:28 AM

that OK, 
connect 
mgmt TO data interface (not TO VLAN1 )
this data interface assign manual IP 192.168.45.1 (disable DHCP server for data interface)
go to mgmt interface make GW is data interface. 
this above I think is solve issue for both mgmt interface and OUTside interface 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
MHM Cisco World
VIP
VIP

‎07-08-2023 12:00 AM

sorry can i see how you config OUTside interface ?

0 Helpful

Go to solution
BornJames
Level 1
Level 1
In response to MHM Cisco World

‎07-08-2023 02:01 AM - edited ‎07-08-2023 02:06 AM

Hello, thank you for the reply.

here is the outside port the ip is 192.168.10.... ( it is connected to a modem )

 

BornJames_0-1688806725452.png

all the other ports are on vlan 1 and ip is 192.168.1.... (dhcp server is enabled on the firewall)

 

Go to solution
MHM Cisco World
VIP
VIP
In response to BornJames

‎07-08-2023 02:19 AM

this OK, 
mgmt interface is connect to data interface, i.e. data interface is GW for mgmt.
but the mgmt interface have different subnet than 192.168.1.0, and you mention that the all other data interface have 192.168.1.0 ?

0 Helpful

Go to solution
BornJames
Level 1
Level 1
In response to MHM Cisco World

‎07-08-2023 02:29 AM

yeh the management is one a standard as specified in a starter guide

192.168.45...

BornJames_0-1688808549419.png

 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to BornJames

‎07-08-2023 03:28 AM

that OK, 
connect 
mgmt TO data interface (not TO VLAN1 )
this data interface assign manual IP 192.168.45.1 (disable DHCP server for data interface)
go to mgmt interface make GW is data interface. 
this above I think is solve issue for both mgmt interface and OUTside interface 

0 Helpful

Go to solution
BornJames
Level 1
Level 1
In response to MHM Cisco World

‎07-08-2023 03:47 AM

thak you it did work, now it is all green,

would you know by any chance why when I enter the FQDN to lets say google.com it does not work, but works with any nay rule

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card