02-26-2018 03:43 PM - edited 02-21-2020 07:27 AM
I've got 20+ Cisco 5506s deployed with the FirePower Threat Defense (FTD) 6.2.2.1 code. They are all managed by a single FMC server. When I go into Devices > Device Management, several show up as green/online, but I'm not able to ping them from my FMC.
On a few of my remote FTD boxes, they don't seem to have a default gateway defined in the config and I don't know how to set one on them. I'm not able to ping a few of them from my FMC, so I'm not sure why they are reporting as online.
Any thoughts on how to fix the default gateway/routing issue on these boxes? I can access these boxes fine if I try to SSH from a PC on their local subnet, so that's why I think it's got to be a GW issue.
08-28-2018 05:39 AM
Thank you kindly for your help. I had the same issue and the steps outlined resolved it. Make sure to use :w to write in vi and :q to quit in order not to create multiple instances in the vi editor. Cheers.
02-06-2019 03:10 AM
Been reading this thread with great interest, many thanks chaps. However, cannot help feeling not disappointed, as one would expect to be able to run a simple CLI command to set the default gateway (or gateway of last resort) to any last hop or interface like we used to be able to do, e.g. ip route 0.0.0.0 0.0.0.0 10.140.40.1 (on a standard routed IOS L3 switch/router). Is it possible to set something similar up on FTD?
I use the inside interface as management & data interface, but the default gateway on some of the firewalls may not be this interface but another legacy lab/project-facing segregated interface where we may not be able to define all the subnets, in which case setting the int of our choice as default gateway next hop works nicely. Cisco ASA OS allows us to do this with no issues, but now that I have to upgrade to FTD, without being able to replicate the ASA default gateway we could cause outages if we can't replicate routes like for like.
See below: my management interface IP and DG were set just to complete the initial setup. After that we manage the box via the inside int IP. Despite having the mgmt int default gateway set (see the "> show network" command), "> show static route" says "Gateway of last resort is not set".
Is it possible to set the "Gateway of last resort" on FTD? Many Thanks
> show route static
Gateway of last resort is not set
> show network
===============[ System Information ]===============
Hostname : XXX-LAB-2110-FW02
DNS Servers : x.x.x.x
x.x.x.x
Management port : 8305
IPv4 Default route
Gateway : 10.0.0.100