Solved: Firepower 2110 bandwidth monitoring

Danny Mainprize · ‎07-01-2020

I have recently migrated from an ASA 5525-X to a Firepower 2110. I had PRTG connecting to my old ASA and logging the bandwidth usage on the inside and outside ports via snmp. I have not been able to find a way to replicate this to the new Firepower appliance.

I have two FP2110s that are managed via Firepower Management Center. I have enabled snmp, at least I think I have, and PRTG can connect to and see several interfaces (lo traffic, Intel Corp I211 network adapter, tap0, tap0.1000, tap0.2000 etc...) but none have the actual used bandwidth for the inside or outside interfaces which are ports 1 and 10. I cannot find a way in FMC to show accurate traffic and even if it did, I have no doubt it will not store this for historical reporting. Has anyone had any luck using PRTG like this on a FP appliance?

Marvin Rhoads · ‎07-01-2020

You need to manage the "LINA" portion of the Firepower appliance, not the FXOS portion. It requires (as of 6.6) using the diagnostic interface which is not configured by default. Once that is setup, PRTG can query the usual ASA MIB that's supported on the LINA susbsystem

View solution in original post

Marvin Rhoads · ‎07-01-2020

You need to manage the "LINA" portion of the Firepower appliance, not the FXOS portion. It requires (as of 6.6) using the diagnostic interface which is not configured by default. Once that is setup, PRTG can query the usual ASA MIB that's supported on the LINA susbsystem