Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1287
Views
5
Helpful
10
Replies

Firepower 1140 does not have enable mode

Go to solution
johnchrapkowski
Level 1
Level 1

‎12-21-2023 07:24 AM

Full disclosure, I am a Juniper guy  But I've inherited a cisco 1140 firepower ASA firewall appliance.  All the docs I'm reading seem to indicate I should be able to ssh in (I can) and then run enable to be able to make config changes(i can't).  There is no 'enable' command upon logging in.  It's like I don't have the full Cisco OS installed


Thanks is advance for any help

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-21-2023 08:09 AM

Cisco IOS and IOS Xe works different, comparing that command syntax is bit different in Firepower

If you login and have # means you can able to configure - if you looking expert mode type expert to get expert mode.

below quick start guide help you :

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp1100/firepower-1100-gsg/ftd-fmc.html

Firepower not much major you can do over CLI, most of the configuration done by GUI.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
Rob Ingram
VIP
VIP
In response to johnchrapkowski

‎12-21-2023 08:45 AM

@johnchrapkowski ok, so you are using the FTD software image. As mentioned previously, you have to use the Web GUI to configure the device, there are very few commands on the CLI to configure the device. The CLI is used for basic configuration of the mgmt interface and diagnostic troubleshooting etc.

View solution in original post

10 Replies 10

Go to solution
MHM Cisco World
VIP
VIP

‎12-21-2023 07:28 AM - edited ‎12-21-2023 08:52 AM

MHM

Go to solution
Rob Ingram
VIP
VIP

‎12-21-2023 07:50 AM

@johnchrapkowski are you running the ASA software or FTD software image on the 1140 hardware?

They are different, with the ASA you can use the CLI to configure the device or ASDM, but with the FTD software image the vast majority of the configuration is applied via GUI, there is very little to configure on the CLI, so this might explain your confusion? If you are using the ASA software image does your organisation use TACACS and you do not have full permissions to run the commands when you connect using SSH?

Go to solution
johnchrapkowski
Level 1
Level 1
In response to Rob Ingram

‎12-21-2023 08:29 AM

Thank you so much, this information is very helpful.  I think I have full access as I log in with admin and a password via both ssh and the GUI and don't have anything I am prevented from doing that is obvious.  Is there a CLI command that will show what permission level I have?


Thanks again!

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to johnchrapkowski

‎12-21-2023 08:36 AM

@johnchrapkowski use the command show curpriv will tell you the current privilege level.

You didn't say what software image you are running.

Go to solution
johnchrapkowski
Level 1
Level 1
In response to Rob Ingram

‎12-21-2023 08:42 AM

I hope this is what you mean by software image, apologies for not being up to speed on the terminology: 

> show version
-------------------[ firepower ]--------------------
Model : Cisco Firepower 1140 Threat Defense (78) Version 7.0.1 (Build 84)
UUID : f84e3422-eb3e-11eb-a2a9-ab34b6da5c4f
LSP version : lsp-rel-20231215-1023
VDB version : 361
----------------------------------------------------

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to johnchrapkowski

‎12-21-2023 08:45 AM

@johnchrapkowski ok, so you are using the FTD software image. As mentioned previously, you have to use the Web GUI to configure the device, there are very few commands on the CLI to configure the device. The CLI is used for basic configuration of the mgmt interface and diagnostic troubleshooting etc.

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-21-2023 08:09 AM

Cisco IOS and IOS Xe works different, comparing that command syntax is bit different in Firepower

If you login and have # means you can able to configure - if you looking expert mode type expert to get expert mode.

below quick start guide help you :

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp1100/firepower-1100-gsg/ftd-fmc.html

Firepower not much major you can do over CLI, most of the configuration done by GUI.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
johnchrapkowski
Level 1
Level 1

‎12-21-2023 08:52 AM

OK thanks for the help, it's really appreciated!   Are these devices targeted to the more 'basic' user, and that's why some of the functionality is not able to be configured?  For example, I need to set mss to a specific value and the gui doesn't offer this setting.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to johnchrapkowski

‎12-21-2023 08:55 AM

@johnchrapkowski it sounds like you are using local FDM management (you connect to the IP address of the device to manage)?  If so this has basic functionality. If you use the FMC central management solution you get much more functionality, there is an additional cost for FMC.

0 Helpful

Go to solution
johnchrapkowski
Level 1
Level 1
In response to Rob Ingram

‎12-21-2023 08:58 AM

Ah that makes sense!  Again, all the help is very much appreciated

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card