11-06-2017 02:03 PM - edited 02-21-2020 06:39 AM
I have a newly upgraded ASA 5516 that was previously running ASA OS and is now running FTD. For some reason the Management1/1 interface is admin down, line up.
Interface Management1/1 "diagnostic", is administratively down, line protocol is up
Hardware is en_vtun rev00, BW 1000 Mbps, DLY 10 usec
Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
Input flow control is unsupported, output flow control is off
MAC address 70db.9822.ac66, MTU 1500
IP address unassigned
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 pause input, 0 resume input
0 L2 decode drops
0 packets output, 0 bytes, 0 underruns
0 pause output, 0 resume output
0 output errors, 0 collisions, 0 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops
input queue (blocks free curr/low): hardware (0/0)
output queue (blocks free curr/low): hardware (0/0)
Traffic Statistics for "diagnostic":
0 packets input, 0 bytes
0 packets output, 0 bytes
0 packets dropped
1 minute input rate 0 pkts/sec, 0 bytes/sec
1 minute output rate 0 pkts/sec, 0 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 0 pkts/sec, 0 bytes/sec
5 minute output rate 0 pkts/sec, 0 bytes/sec
5 minute drop rate, 0 pkts/sec
Management-only interface. Blocked 0 through-the-device packets
I can see in the running-config that it is in a shutdown state but cannot figure out how to bring up the interface.
interface Management1/1
management-only
shutdown
nameif diagnostic
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
no ip address
Any assistance is greatly appreciated.
Thank you,
Ryan
Solved! Go to Solution.
11-09-2017 07:44 AM
I had to call TAC on this for a resolution. It was actually due to the config-register being set to 0x41. Changing it to 0x1 resolved the issue.
11-06-2017 03:24 PM
Hi @rbermel83
Have you tried this:
interface management n/n
no shutdown
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/reimage/asa-ftd-reimage.html
-If I helped you somehow, please, rate it as useful.-
11-07-2017 05:04 AM
11-08-2017 08:55 AM
11-09-2017 07:44 AM
I had to call TAC on this for a resolution. It was actually due to the config-register being set to 0x41. Changing it to 0x1 resolved the issue.
04-14-2019 07:17 AM
Thanks! I had the same issue and was scratching my head for a while trying to figure out why the management interface wasn't coming up! Thank you!
03-03-2020 11:17 PM
Thanks for this post. I spent a lot of time to resolve this issue.
07-21-2021 04:46 PM
Thanks, This is why ASA's are falling way short of Palo Alto's.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide