cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4567
Views
5
Helpful
4
Replies

Firepower 2110 - Platform vs. Appliance Mode ASA deployement

thisguyhere
Level 1
Level 1

My team is working to deploy a pair of FPR2110-ASA-K9 in an active/standy, single mode configuration and we want to manage via the ASA.

 

During initial setup we found that certain configurations are only available using FXOS, such as enabling interfaces and speed/duplex settings, this is leading us to believe that the firewalls are running in platform mode instead of appliance mode which is supposed to be default.

 

There is documentation on how to change between platform and appliance mode using the fxos command but this is not showing up on the firewall asa console as a recognized command. So it seems we're running in platform mode when we need appliance mode, and the 'fxos' command or 'show fxos' commands are not functional.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/asa-platform.html#task_jgs_ntw_shb

 

Code version is cisco-asa-fp2k.9.12.3.12.SPA

 

Thank you

 

 

 

 

 

 

 

 

 

4 Replies 4

Regardless of which mode you are in, the show fxos mode command should show you which mode you are running in.

If you issue the command connect fxos admin do you recieve an error?  If yes, could you please post the error.

--
Please remember to select a correct answer and rate helpful posts

Hello,
The 'show fxos mode' command is not recognized. Based on another comment this may to be due to the code level. We're running 9.12.x and Appliance mode appears to have been introduced starting at 9.13 so we will attempt a code upgrade.
Thank you

gusgus1971
Level 1
Level 1

Hi I have a similar issue, building FTD2110s on 9.14.1, trying to set-up the FXOS side as in IP address so we can manage the chassis as well as the ASA side yet commit-buffer command does not work in appliance mode. So 1) how do I configure an IP address for remote ssh and HTTPS access to the FXOS? 2) can I configure this on any interface or just mgmt? 3) can the ASA and FXOS share the same non management 1/1 interface for mgmt access?

 

It would have been better if you created a new post as this post is quite old.

However, only the. FTD4100 and FTD9300 require a separate FXOS chassis IP.  The FTD2100 series does not have a separate chassis management interface as it is integrated with the FTD, they share the management1/1 interface.

https://www.cisco.com/c/en/us/td/docs/security/asa/fxos/config/asa-2100-fxos-config/intro.html

 

--
Please remember to select a correct answer and rate helpful posts
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: