cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3668
Views
0
Helpful
4
Replies

Firepower 2110 ports down, up after reboot and down again repeatedly

rizkypahlevips
Level 1
Level 1

Hello Community,

I have a problem regarding one of my device, in this case the cisco Firepower 2110 appliance, i'm using it as my NAT device for nat to the internet. there's nothing big about the configuration, the configuration in my appliance is only an inside route to the core device, an outside route to the internet (which in this case i'm using dynamic IP on the outside), and a management port. all of the configuration i've done  is on the ASA Appliance mode. the problem is the casual ports (inside and outside) suddenly goes down. after a hard reboot from the appliance (power plug out, then plug it in again), the port came back up, but after a few days, the ports suddenly came down again. i've checked the cable on the core side and the internet side, there's no problem with that because when i moved the cable to connect to my laptop from the internet modem and the core device, it works fine. and i tried to get a crashdump on the dir, but there's no crashdump file on it. currently i'm using the ASA Version 9.12(3)12

please help 


4 Replies 4

  • Have you checked the logs on the core switch the FTD device connects to?
  • Have you checked the log files on the FTD device before performing a reboot? I understand that the interfaces appear to be down, but are you able to connect to the management port and check from there, or perhaps the console port?
  • Check the interface status on the FTD device (show interface x/x)
--
Please remember to select a correct answer and rate helpful posts

  • Have you checked the logs on the core switch the FTD device connects to? -no, i've only checked sh interface, its only tells me that the interface is down
  • Have you checked the log files on the FTD device before performing a reboot? I understand that the interfaces appear to be down, but are you able to connect to the management port and check from there, or perhaps the console port?-actually when this problem happened, i wasn't at the place at the time, but when this happened, i cant even ping,ssh,or telnet the device from the network/core switch

And is there any advice of what specific log i should check/record if this problem happens again?

It is difficult to know exactly what logs to be looking for as we do not know what is causing the issue yet.  If the issue happens again, I would suggest looking at the logs on both core switch and FTD 2110 and try to determine which side goes down first, and then check the logs before and after the interface goes down to see if there is anything that stands out.  Check the interfaces that go down on both core switch and FTD2110 to see if there are any interface errors.  

Is this an HA setup?  If yes, make sure that the MAC address of the active device is being used in the ARP table on the core switch.

Are you using portchannel between the core switch and the FTD2110?

--
Please remember to select a correct answer and rate helpful posts

adminadmin4126
Level 1
Level 1

We have also the same problem at 2110.  Please help us to solve this issue. is this bug? 

Review Cisco Networking for a $25 gift card