Firepower 2100 Viewing Power or Outside Connection Loss

dewey89 · ‎08-03-2020

What are the CLI commands or where in the FMC can you see if the firewalls lost power "Up Time" or lost network connections to the outside?

We had a scheduled building generator check and some odd things happened that pointed to losing our network connection. I tried reviewing the firewalls and FMC, but I can't seem to located the commands or menu to find the Up Time of the device.

None of the expected commands nor a question mark searching for commands could identify what to use. I've tried the show commands using environmental, system, chassis, server and others, but the output didn't provide any indication of "Up Time".

Firepower 2110's and FMC running 6.4.0.7

Marius Gunnerud · ‎08-03-2020

if you log into the FTD device and issue the show version command, you will see the up time there.

> system support diagnostic-cli

FTD# show version | in up
FTD up 95 days 20 hours
failover cluster up 1 year 118 days

--
Please remember to select a correct answer and rate helpful posts

dewey89 · ‎08-03-2020

That command didn't provide the output you said

Marius Gunnerud · ‎08-03-2020

That post was taken straight out of an FTD4110 so, yes, it does provide that output

--
Please remember to select a correct answer and rate helpful posts

dewey89 · ‎08-03-2020

Maybe fore a 4110, but not a 2110. I ran the command twice and double checked the syntax.

Marius Gunnerud · ‎08-04-2020

Just jumped onto a FTD2110 and the command works there.

firepower# sh ver
----------------[ FTD ]-----------------
Model : Cisco Firepower 2110 Threat Defense
UUID :
Rules update version :
VDB version :
----------------------------------------------------

Cisco Adaptive Security Appliance Software Version 9.12(2)33
Firepower Extensible Operating System Version 2.6(1.201)

Compiled on Thu 07-May-20 23:41 PDT by builders
System image file is "disk0:/mnt/boot/installables/switch/fxos-k8-fp2k-npu.2.6.1.201.SPA"
Config file at boot was "startup-config"

firepower up 49 days 12 hours
failover cluster up 238 days 1 hour

Hardware: FPR-2110, 6828 MB RAM, CPU MIPS 1200 MHz, 1 CPU (6 cores)

1: Int: Internal-Data0/1 : address is 000f.b748.4801, irq 0
3: Ext: Management1/1 : address is a023.9f92.3101, irq 0
4: Int: Internal-Data1/1 : address is 0000.0100.0001, irq 0
5: Int: Internal-Data1/2 : address is 0000.0300.0001, irq 0
6: Int: Internal-Control1/1 : address is 0000.0001.0001, irq 0

Serial Number:
Configuration last modified by enable_1 at 01:23:02.139 UTC Fri Jul 31 2020

--
Please remember to select a correct answer and rate helpful posts

dewey89 · ‎08-04-2020

You're running ASA and I'm running FTD natively. The output just doesn't include the uptime in FTD or in FXOS.

dewey89 · ‎08-03-2020

Found where the FMC reports Up Time. It's listed under SYSTEM> MONITORING> STATISTICS>. You select your device to get the uptime. I was in the FMC when the building generator kicked in and shut off, but saw no indication on the FMC that both firewalls in an HA configuration went down twice. If you want FW's with redundant power supplies don't get an FP2110 or FP2120. They are both single power supplies and they can't be replaced, you have to send in the entire chassis to get a replacement.

Marius Gunnerud · ‎08-03-2020

When planning your deployment always check the datasheets to make sure the device you are considering supports your requirements.

--
Please remember to select a correct answer and rate helpful posts

dewey89 · ‎08-03-2020

We had a group from Cisco come to our location for a meeting and they recommended the equipment. I didn't check, but at least the ASA 5520 we upgraded from had a replaceable PS.