SSH access issue after migrate to FTD on a FMC

MambaRod16
Level 1

Hello experts,

I upgraded an FTD 1140 that was running an ASA image in order to add it to the FMC server.

I performed the configuration migration using the Firepower Migration Tool. I installed the new image, added the new admin credentials and enrolled the FTD to the FMC console successfully.

The problem is that I can no longer access the FTD via SSH through the management port. The FTD asks me for admin credentials but when I enter them correctly, it still gives me the access denied message. I know that the admin credentials are correct because if I connect through the console and use that same password, I can enter the FTD. I am using the new password configured after the equipment upgrade.

This access via ssh to the CLI of the FTD is very important because I can run the system support diagnostic cli and perform a more efficient verification of the equipment.

Another thing that I find strange is that the FTD does not appear in the platform settings section like the other FTDs.

 

FMC Details:

 

Cisco Firepower Management Center for VMWare
None
6.4.0.9

 

FTD Details:

Cisco Adaptive Security Appliance Software Version 9.12(1)6
Firepower Extensible Operating System Version 2.6(1.133)

 

4 Replies

MambaRod16
Level 1

Is there any way to create a new user from the FMC to get access on the FTD via SSH? 

No, but if you use external authentication (via RADIUS) and enable it for shell access, you can then use external user identities to log in via SSH.

MambaRod16
Level 1

With this I have another problem and it is that this FTD does not appear in the Settings Platform section to be able to enable authentication via Radius.

Is there any specific reason why this computer migrated to the FMC does not appear in the Platform Settings part?

Please confirm this is a Firepower 1140 running FTD image. If so, what version is it running? I ask because 6.4 was the first image to even support that hardware and if you recently re-imaged it would be very unusual to run such an old image.

The recommended image for FMC would be 7.0.2 and the same on the managed device(s) - assuming they support it.

 

 
