Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
498
Views
1
Helpful
4
Replies

Need Help with Cisco Firepower 1120

qlee
Level 1
Level 1

‎05-07-2025 05:19 AM

Problem: 

Firewall shows it is connected to the Internet, it can sees the gateway. But, we not getting any data through. 

What We've Tried:

Set up static and dynamic NATs, both before and after Auto NAT rules.


Used various zone objects and policies (network, host, IP range zones).


DNS is set up with Cisco and OpenDNS, and they're working fine.


Ping and Tracert tests both failed, even when forcing DNS by naming websites.

Labels:
0 Helpful
4 Replies 4

Marius Gunnerud
VIP
VIP

‎05-08-2025 12:30 AM

A couple things to check and answer if you could:

  • How is the FTD managed? (FMC / FDM / ASA)
  • Is the internet terminated directly on the Firewall, I mean does the firewall have a public IP on the "outside" interface?
  • Is the default route configured?
  • If yes, are you able to ping the default gateway IP from the firewall?
  • Are you able to ping 8.8.8.8 from the firewall?

If you are able to ping the internet from the firewall then there is possibly an issue with configuration.  In this case start by running a packet-tracer on the inside interface (the interface where client traffic is entering the firewall) and paste the results here. 

Would also be good if you post the configuration for the following (remember to remove any public IP or otherwise sensitive information):

  • Interface configuration
  • static / default route configuration
  • Relevant ACP policy configuration
  • NAT configuration
--
Please remember to select a correct answer and rate helpful posts
0 Helpful

qlee
Level 1
Level 1
In response to Marius Gunnerud

‎05-08-2025 09:36 AM

Thanks, Marius.

We found the problem. It seems you cannot use the object "any-ipv4" when selecting a network. We had to create an object called "inside-network" and use a specific IP range. It appears this is not documented anywhere. However, after we rebooted the firewall to ensure it comes back online, it dropped offline again, and we got kicked out of the wizard after inputting the external connection.

Now, we are unable to access FTD. We will reset and try again.

 

0 Helpful

qlee
Level 1
Level 1
In response to qlee

‎05-09-2025 12:14 PM

Now we can’t figure why the Firewall will stay up and online for a few hours then go down. It requires a full factory reset to get it back online. 

 

Marius Gunnerud
VIP
VIP
In response to qlee

‎05-10-2025 02:53 PM

Could you be more specific. What do you mean when you say "Firewall will stay up and online for a few hours then go down" ?

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card