Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
55990
Views
81
Helpful
14
Replies

IP Address Change - Virtual FMC

Go to solution
GRANT3779
Spotlight
Spotlight

‎09-06-2016 07:34 AM - edited ‎03-12-2019 01:14 AM

I am looking to change IP address of our FirePOWER Management Center which is virtual. I can see option to do this via the standard GUI but read conflicting info that I may need to ssh and also run some command line? Can anyone clear this up?

Thanks

8 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-06-2016 06:36 PM

The FirePOWER Management Center address can be changed from the GUI as you noted.

There is a console-based procedure that can be used in the event that you only have console access (initial setup, original IP lost/unknown, remote network only accessible via console server, etc.)

An ASA FirePOWER module needs to be changed from the cli as those do not have any graphical interface.

View solution in original post

14 Replies 14

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-06-2016 06:36 PM

The FirePOWER Management Center address can be changed from the GUI as you noted.

There is a console-based procedure that can be used in the event that you only have console access (initial setup, original IP lost/unknown, remote network only accessible via console server, etc.)

An ASA FirePOWER module needs to be changed from the cli as those do not have any graphical interface.

Go to solution
GRANT3779
Spotlight
Spotlight
In response to Marvin Rhoads

‎09-07-2016 01:52 AM

Thanks Marvin.

I read somewhere, possibly on here that when someone changed the FMC IP, the FirePOWER modules that were registered against it somehow automagically picked up the new FMC address without them doing anything. Not a problem if not. I will add re register the modules to new IP.

0 Helpful

Go to solution
prashant dwivedi
Level 1
Level 1
In response to GRANT3779

‎05-31-2018 08:05 PM

Hey mate, 

did you do this in the prod network , if so, what was the impact of this to the registered devices?

 

Did FMC discover all of them automatically ?

 

Thanks,

Prashant

 

Go to solution
G_Singh
Level 1
Level 1
In response to Marvin Rhoads

‎07-11-2019 08:44 PM

Hi Mavin, I found out that my FMC IP also needs to be changed soon due to some conflicts. I hope process is straight forward as below.
1. Back up FMC/FTD configs
2. Change IP of FMC
3. Remove manager from appliances (FTDs)
4. Re-add those appliances with changed FMC IP
Since everything is in production, dont want to make much interruption.

Any suggestions....Thanks in advance!

Go to solution
Atasawar1
Level 1
Level 1

‎12-17-2017 01:43 AM

Via virtual appliance console;

sudo ifconfig eth0 x.x.x.x/x

sudo ip route add default via x.x.x.x

Go to solution
Patrick Laidlaw
Level 4
Level 4
In response to Atasawar1

‎07-25-2018 03:45 PM

The better way to do this is to execute the configure-network script.

 

sudo su

/etc/sysconfig/configure-network

 

 

Go to solution
gamoore
Level 1
Level 1
In response to Patrick Laidlaw

‎07-25-2018 04:46 PM

Is this script also at:

/usr/local/sf/bin/configure-network?

Our is the location specific to FMC version?

Thanks,

Go to solution
Harish Chopra
Cisco Employee
Cisco Employee
In response to Atasawar1

‎06-24-2020 03:17 AM

This was helpful for me. 

 

a bit change I had to do - ifconfig eth0 x.x.x.x (no netmask or /mask was needed)

ip route add default via x.x.x.x

0 Helpful

Go to solution
sheraz_latif
Level 1
Level 1

‎10-20-2018 08:08 PM - edited ‎10-20-2018 08:11 PM

FMC & FTD are not typical linux operating systems they are based on firepower and you need to know firepower if you want to fix console and shell issues. I was facing same issues i wanted to change management IP address because i lost access to old subnet i tried to vi default network files but they have scripts instead of typical linux options so don't mess up with them you will eventually crash your equipment if you want to change management IP address of these equipment run below command on firepower

 

 

>expert
if you need "sudo su" ok go ahead provide credential

now type below command

"sudo /usr/local/sf/bin/configure-network" >>> follow the network setup instructions!

Sheraz

Go to solution
Marcin Zgola
Level 4
Level 4
In response to sheraz_latif

‎11-05-2018 02:12 PM

What happened to FTD after you change FMC IP address? any steps there? did they go down?

 

CCIE 18676

Go to solution
moj_ccie
Level 1
Level 1
In response to Marcin Zgola

‎12-28-2020 10:08 PM

On Cisco FTD:

You have to remove FTD Manager (Configure manager delete)

Then again add it with new IP (#configure manager add <IP add> <Unique Code>

 

On Cisco FTD: No more change is needed

 

Note:

Your FTD and FMC IP addresses must be in same network

Go to solution
frank2112
Level 1
Level 1
In response to moj_ccie

‎07-06-2023 01:23 PM

What if the FTD and FMC are on different networks?  In our case, we have several remote firewalls that are managed by the FMC at our main site (which is accessible thru a static mapping thru on of the FTD firewalls).  Can I not change the "Configure Manager" in this case on the remote FTD boxes?

0 Helpful

Go to solution
mweichseltree
Level 1
Level 1
In response to moj_ccie

‎11-10-2023 02:28 AM

@moj_ccie wrote:

On Cisco FTD:

You have to remove FTD Manager (Configure manager delete)

Then again add it with new IP (#configure manager add <IP add> <Unique Code>

 

On Cisco FTD: No more change is needed

 

Note:

Your FTD and FMC IP addresses must be in same network

they certainly must be reachable but not in the same network 

Go to solution
moj_ccie
Level 1
Level 1
In response to mweichseltree

‎02-14-2024 12:23 AM

Exactly 

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card