01-12-2024 02:51 AM - edited 01-12-2024 04:43 AM
I've a Cisco Firepower 2110 which is not used at the moment.
I just try to bring it up for learning purposes.
I did factory-reset via console-cable and added new management-ip-address (mgmt-port).
Changed the admin password.
I can connect with SSH, but https shows "Forbidden. You don't have permission to access / on this server."
When connected with SSH and type "connect ?" I can see ftd and local-mgmt. "connect local-mgmt" works,
but "connect ftd" shows "Error: Application is not installed."
But validation of the package is OK!
The Package Name is : cisco-ftd-fp2k.6.2.2-81.SPA
The Validation status: Ok
Enter 'show validation package 6.2.2-81' to see detailed result.
firepower-2110 /firmware # show validation package 6.2.2-81
Firmware Package 6.2.2-81:
Validation Time Stamp: 2024-01-12T10:34:32.413
Pack Name: cisco-ftd-fp2k.6.2.2-81.SPA
Validation State: Completed
Overall Status Code: Ok
firepower-2110 /firmware #
What step am I missing?
01-12-2024 02:53 AM
Can you share
show network
When you access via ssh
MHM
01-12-2024 03:21 AM - edited 01-12-2024 03:28 AM
Hello chris-doro,
Please follow the link...that provides detailed setps for Getting started with Firepower; Hope it might be helpful...
Best regards
******* If This Helps, Please Rate *******
01-12-2024 04:46 AM
Thanks, but this does not help.
Because I've followed these steps, but they do not explain, why I get forbidden for https://.
And they do not explain why I get "application not installed, when I see that it exists".
And this happens on both firepowers 2110 I have.
01-12-2024 05:19 AM
You have the image present in the fxos file system but is is not installed as an application instance. The commands provided by @Marius Gunnerud would confirm this.
You should be able to follow the steps described here to complete application (re)installation: https://www.cisco.com/c/en/us/td/docs/security/firepower/2100/troubleshoot_fxos/b_2100_CLI_Troubleshoot/b_2100_CLI_Troubleshoot_chapter_011.html#task_n5q_3v1_hbb
01-12-2024 05:29 AM - edited 01-12-2024 05:31 AM
"install security-pack version 6.2.2-81 force" fails...
FTD1 /firmware/auto-install # show detail
Firmware Auto-Install:
Package-Vers: 6.2.2-81
Oper State: Scheduled
Installation Time: 2024-01-12T14:26:55.576
Upgrade State: Failed To Install Application
Upgrade Status: failed to install app
Validation Software Pack Status: ok
Firmware Upgrade Status: up-to-date
Current Task:
FTD1 /firmware/auto-install # exit
FTD1 /firmware # exit
FTD1# connect ftd
Error: Application is not installed.
FTD1#
01-12-2024 05:39 AM - edited 01-12-2024 05:40 AM
Then I would suggest to try either performing a factory reset or reimaging the FTD. Both of these are described in the link @Marvin Rhoads provided, And linking to that document would have been my next post once the issue was confirmed.
01-12-2024 04:44 AM
Could you issue the following commands and post the output here please.
scope fabric a
show detail
scope ssa
show app-instance
01-12-2024 05:16 AM
FTD1 /fabric-interconnect # show detail
Fire Power:
ID: A
Product Name: Cisco FPR 2110
PID: FPR-2110
VID: V01
Vendor: Cisco Systems, Inc.
Serial (SN): JMX21xxxx
OOB IP Addr: 192.168.101.241
OOB Netmask: 255.255.255.0
OOB Gateway: 192.168.101.254
OOB Gateway Use DataPort: No
OOB Boot Proto: Static
OOB IPv6 Address: ::
Prefix: 64
OOB IPv6 Gateway: ::
OOB IPv6 Gateway Use DataPort: No
IPv6 Boot Proto: Static
DHCPD Admin State: DHCP Server Disabled
Operability: Operable
Thermal Status: N/A
Current Task 1:
Current Task 2:
Current Task 3:
Current Task 4:
FTD1 /fabric-interconnect #
FTD1 /ssa # show app-instance
Application Name Slot ID Admin State Operational State Running Ver
sion Startup Version Cluster Oper State
-------------------- ---------- --------------- -------------------- -----------
---- --------------- ------------------
ftd 1 Disabled Install Failed
6.2.2.81 Not Applicable
FTD1 /ssa #
FTD1 /ssa/slot/app-instance* # show
Application Instance:
Application Name Admin State Operational State Running Version Startup Versi
on
---------------- ----------- ----------------- --------------- -------------
--
ftd Disabled Install Failed 6.2.2.81
FTD1 /ssa/slot/app-instance* # enable
FTD1 /ssa/slot/app-instance* #
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide