cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Webcast- Catalyst 9000
305
Views
0
Helpful
9
Replies

FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

I'm following behind a previous Engineer (we all know how frustrating that can be).  I was given permission by the PM to reset the Firepower to Factory, which I did.   I connected my laptop to the GE Management port (per the Configuration Guide), and set my browser to https://192.168.45.45  - I received a certificate warning, and I chose to "Continue to website" - Upon which the spinning wheel continued for about 2 minutes, then a browser message appeared "Service Timeout"   --  The server your are attempting to connect to is "Under Maintenance" try again later??

 

Can someone assist me with this?   I believe it may be certifacte issue.  But I haven't configured a Firepower before.  An per the Config Guide, my connection to the GE MGMT port should allow me connect directly to the webpage in the FirePower.

 

Any assistance would be greatly appreciated.

 

Last login: Tue May 7 11:28:56 UTC 2019 on ttyS0
Successful login attempts for user 'admin' : 4

Copyright 2004-2018, Cisco and/or its affiliates. All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.

Cisco Fire Linux OS v6.2.3 (build 13)
Cisco Firepower 2110 Threat Defense v6.2.3 (build 83)

Cisco Firepower Extensible Operating System (FX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2009-2015, Cisco Systems, Inc. All rights reserved.

The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license.

Certain components of this software are licensed under the "GNU General Public
License, version 3" provided with ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, Version 3", available here:
http://www.gnu.org/licenses/gpl.html. See User Manual (''Licensing'') for
details.

Certain components of this software are licensed under the "GNU General Public
License, version 2" provided with ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. See User Manual
(''Licensing'') for details.

Certain components of this software are licensed under the "GNU LESSER GENERAL
PUBLIC LICENSE, version 3" provided with ABSOLUTELY NO WARRANTY under the terms
of "GNU LESSER GENERAL PUBLIC LICENSE" Version 3", available here:
http://www.gnu.org/licenses/lgpl.html. See User Manual (''Licensing'') for
details.

Certain components of this software are licensed under the "GNU Lesser General
Public License, version 2.1" provided with ABSOLUTELY NO WARRANTY under the
terms of "GNU Lesser General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. See User Manual
(''Licensing'') for details.

Certain components of this software are licensed under the "GNU Library General
Public License, version 2" provided with ABSOLUTELY NO WARRANTY under the terms
of "GNU Library General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.0.html. See User Manual
(''Licensing'') for details.

firepower# show
chassis Chassis
cli CLI Information
clock Clock
configuration Configuration
eth-uplink Ethernet Uplink
event Event Management
fabric-interconnect Show NGFW
fault Fault
identity Identity
ntp-overall-status NTP Overall Time-Sync Status
registry-repository Registry Repository
security security mode
sel System Event Log
server Server
system Systems
tech-support Tech Support
timezone Set timezone
version System version

firepower# show configuration
scope org
enter bios-policy SRIOV
set acpi10-support-config acpi10-support platform-default
set all-usb-devices-config all-usb platform-default
set altitude altitude-config platform-default
set assert-nmi-on-perr-config assertion platform-default
set assert-nmi-on-serr-config assertion platform-default
set boot-option-retry-config retry platform-default
set console-redir-config baud-rate platform-default
set console-redir-config console-redir platform-default
set console-redir-config flow-control platform-default
set console-redir-config legacy-os-redir platform-default
set console-redir-config putty-function-keypad platform-default
set console-redir-config terminal-type platform-default
set core-multi-processing-config multi-processing platform-default
set cpu-performance-config cpu-performance platform-default
set description "Recommended bios settings for SRIOV vNICs"
set direct-cache-access-config access enabled
set dram-clock-throttling-config dram-clock-throttling platform-default
set dram-refresh-rate-config dram-refresh platform-default
set enhanced-intel-speedstep-config speed-step platform-default
set execute-disable bit platform-default
set frb-2-timer-config frb-2-timer platform-default
set frequency-floor-override-config cpu-frequency platform-default
set front-panel-lockout-config front-panel-lockout platform-default
set hyper-threading-config hyper-threading platform-default
set intel-entry-sas-raid-config sas-raid platform-default
set intel-entry-sas-raid-config sas-raid-module platform-default
set intel-turbo-boost-config turbo-boost platform-default
set intel-vt-config vt enabled
set intel-vt-directed-io-config ats-support platform-default
set intel-vt-directed-io-config coherency-support disabled
set intel-vt-directed-io-config interrupt-remapping enabled
set intel-vt-directed-io-config passthrough-dma platform-default
set intel-vt-directed-io-config vtd enabled
set interleave-config channel-interleave platform-default
set interleave-config memory-interleave platform-default
set interleave-config rank-interleave platform-default
set local-x2-apic-config localx2-apic platform-default
set lv-dimm-support-config lv-ddr-mode platform-default
set max-memory-below-4gb-config max-memory platform-default
set max-variable-mtrr-setting-config processor-mtrr platform-default
set memory-mapped-io-above-4gb-config memory-mapped-io platform-default
set memory-mirroring-mode mirroring-mode platform-default
set memory-ras-config ras-config platform-default
set memory-sparing-mode sparing-mode platform-default
set numa-config numa-optimization platform-default
set onboard-sas-storage-config onboard-sas-ctrl platform-default
set os-boot-watchdog-timer-config os-boot-watchdog-timer platform-defau
lt
set os-boot-watchdog-timer-policy-config os-boot-watchdog-timer-policy
platform-default
set os-boot-watchdog-timer-timeout-config os-boot-watchdog-timer-timeou
t platform-default
set p-state-coordination-config p-state platform-default
set package-c-state-limit-config package-c-state-limit platform-default
set policy-owner local
set post-error-pause-config post-error-pause platform-default
set processor-c-state-config c-state platform-default
set processor-c1e-config c1e platform-default
set processor-c3-report-config processor-c3-report platform-default
set processor-c6-report-config processor-c6-report platform-default
set processor-c7-report-config processor-c7-report platform-default
set processor-energy-config cpu-power-management platform-default
set processor-energy-config energy-performance platform-default
set processor-prefetch-config adjacent-cache-line-prefetch platform-def
ault
set processor-prefetch-config dcu-ip-prefetch platform-default
set processor-prefetch-config dcu-streamer-prefetch platform-default
set processor-prefetch-config hardware-prefetch platform-default
set qpi-link-frequency-select-config qpi-link-frequency-mt-per-sec plat
form-default
set quiet-boot-config quiet-boot platform-default
set reboot-on-update no
set resume-ac-on-power-loss-config resume-action platform-default
set scrub-policies-config demand-scrub platform-default
set scrub-policies-config patrol-scrub platform-default
set serial-port-a-config serial-port-a platform-default
set slot-link-speed-config pcie-slot1-link-speed platform-default
set slot-link-speed-config pcie-slot10-link-speed platform-default
set slot-link-speed-config pcie-slot2-link-speed platform-default
set slot-link-speed-config pcie-slot3-link-speed platform-default
set slot-link-speed-config pcie-slot4-link-speed platform-default
set slot-link-speed-config pcie-slot5-link-speed platform-default
set slot-link-speed-config pcie-slot6-link-speed platform-default
set slot-link-speed-config pcie-slot7-link-speed platform-default
set slot-link-speed-config pcie-slot8-link-speed platform-default
set slot-link-speed-config pcie-slot9-link-speed platform-default
set slot-option-rom-enable-config pcie-hba platform-default
set slot-option-rom-enable-config pcie-mlom platform-default
set slot-option-rom-enable-config pcie-n1 platform-default
set slot-option-rom-enable-config pcie-n2 platform-default
set slot-option-rom-enable-config pcie-sas platform-default
set slot-option-rom-enable-config slot1-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot10-option-rom-enable platform-def
ault
set slot-option-rom-enable-config slot2-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot3-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot4-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot5-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot6-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot7-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot8-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot9-option-rom-enable platform-defa
ult
set tpm-support-select-config tpm-enable-disable platform-default
set uefi-os-legacy-video-config legacy-video platform-default
set usb-boot-config legacy-support platform-default
set usb-boot-config make-device-non-bootable platform-default
set usb-configuration-select-config legacy-usb-enable-disable platform-
default
set usb-configuration-select-config xhci-enable-disable platform-defaul
t
set usb-front-panel-access-lock-config usb-front-panel-lock platform-de
fault
set usb-port-config usb-emulation platform-default
set usb-port-config usb-front platform-default
set usb-port-config usb-internal platform-default
set usb-port-config usb-kvm platform-default
set usb-port-config usb-rear platform-default
set usb-port-config usb-sdcard platform-default
set usb-port-config usb-vmedia platform-default
set usb-system-idle-power-optimizing-setting-config usb-idle-power-opti
mizing platform-default
set vga-priority-config vga-priority platform-default
exit
enter bios-policy ssp-default
set acpi10-support-config acpi10-support platform-default
set all-usb-devices-config all-usb platform-default
set altitude altitude-config platform-default
set assert-nmi-on-perr-config assertion platform-default
set assert-nmi-on-serr-config assertion platform-default
set boot-option-retry-config retry platform-default
set console-redir-config baud-rate 38400
set console-redir-config console-redir serial-port-a
set console-redir-config flow-control platform-default
set console-redir-config legacy-os-redir enabled
set console-redir-config putty-function-keypad platform-default
set console-redir-config terminal-type vt100
set core-multi-processing-config multi-processing all
set cpu-performance-config cpu-performance platform-default
set description "Recommended bios settings for usNIC vNICs"
set direct-cache-access-config access enabled
set dram-clock-throttling-config dram-clock-throttling platform-default
set dram-refresh-rate-config dram-refresh platform-default
set enhanced-intel-speedstep-config speed-step enabled
set execute-disable bit disabled
set frb-2-timer-config frb-2-timer platform-default
set frequency-floor-override-config cpu-frequency platform-default
set front-panel-lockout-config front-panel-lockout platform-default
set hyper-threading-config hyper-threading enabled
set intel-entry-sas-raid-config sas-raid platform-default
set intel-entry-sas-raid-config sas-raid-module platform-default
set intel-turbo-boost-config turbo-boost enabled
set intel-vt-config vt enabled
set intel-vt-directed-io-config ats-support enabled
set intel-vt-directed-io-config coherency-support enabled
set intel-vt-directed-io-config interrupt-remapping platform-default
set intel-vt-directed-io-config passthrough-dma platform-default
set intel-vt-directed-io-config vtd enabled
set interleave-config channel-interleave platform-default
set interleave-config memory-interleave platform-default
set interleave-config rank-interleave platform-default
set local-x2-apic-config localx2-apic platform-default
set lv-dimm-support-config lv-ddr-mode performance-mode
set max-memory-below-4gb-config max-memory platform-default
set max-variable-mtrr-setting-config processor-mtrr platform-default
set memory-mapped-io-above-4gb-config memory-mapped-io disabled
set memory-mirroring-mode mirroring-mode platform-default
set memory-ras-config ras-config maximum-performance
set memory-sparing-mode sparing-mode platform-default
set numa-config numa-optimization enabled
set onboard-sas-storage-config onboard-sas-ctrl platform-default
set os-boot-watchdog-timer-config os-boot-watchdog-timer platform-defau
lt
set os-boot-watchdog-timer-policy-config os-boot-watchdog-timer-policy
platform-default
set os-boot-watchdog-timer-timeout-config os-boot-watchdog-timer-timeou
t platform-default
set p-state-coordination-config p-state platform-default
set package-c-state-limit-config package-c-state-limit platform-default
set policy-owner local
set post-error-pause-config post-error-pause platform-default
set processor-c-state-config c-state platform-default
set processor-c1e-config c1e disabled
set processor-c3-report-config processor-c3-report platform-default
set processor-c6-report-config processor-c6-report disabled
set processor-c7-report-config processor-c7-report platform-default
set processor-energy-config cpu-power-management platform-default
set processor-energy-config energy-performance platform-default
set processor-prefetch-config adjacent-cache-line-prefetch platform-def
ault
set processor-prefetch-config dcu-ip-prefetch platform-default
set processor-prefetch-config dcu-streamer-prefetch platform-default
set processor-prefetch-config hardware-prefetch platform-default
set qpi-link-frequency-select-config qpi-link-frequency-mt-per-sec plat
form-default
set quiet-boot-config quiet-boot platform-default
set reboot-on-update no
set resume-ac-on-power-loss-config resume-action platform-default
set scrub-policies-config demand-scrub platform-default
set scrub-policies-config patrol-scrub platform-default
set serial-port-a-config serial-port-a platform-default
set slot-link-speed-config pcie-slot1-link-speed platform-default
set slot-link-speed-config pcie-slot10-link-speed platform-default
set slot-link-speed-config pcie-slot2-link-speed platform-default
set slot-link-speed-config pcie-slot3-link-speed platform-default
set slot-link-speed-config pcie-slot4-link-speed platform-default
set slot-link-speed-config pcie-slot5-link-speed platform-default
set slot-link-speed-config pcie-slot6-link-speed platform-default
set slot-link-speed-config pcie-slot7-link-speed platform-default
set slot-link-speed-config pcie-slot8-link-speed platform-default
set slot-link-speed-config pcie-slot9-link-speed platform-default
set slot-option-rom-enable-config pcie-hba platform-default
set slot-option-rom-enable-config pcie-mlom platform-default
set slot-option-rom-enable-config pcie-n1 platform-default
set slot-option-rom-enable-config pcie-n2 platform-default
set slot-option-rom-enable-config pcie-sas platform-default
set slot-option-rom-enable-config slot1-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot10-option-rom-enable platform-def
ault
set slot-option-rom-enable-config slot2-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot3-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot4-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot5-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot6-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot7-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot8-option-rom-enable platform-defa
ult
set slot-option-rom-enable-config slot9-option-rom-enable platform-defa
ult
set tpm-support-select-config tpm-enable-disable platform-default
set uefi-os-legacy-video-config legacy-video platform-default
set usb-boot-config legacy-support platform-default
set usb-boot-config make-device-non-bootable platform-default
set usb-configuration-select-config legacy-usb-enable-disable platform-
default
set usb-configuration-select-config xhci-enable-disable platform-defaul
t
set usb-front-panel-access-lock-config usb-front-panel-lock platform-de
fault
set usb-port-config usb-emulation platform-default
set usb-port-config usb-front platform-default
set usb-port-config usb-internal platform-default
set usb-port-config usb-kvm platform-default
set usb-port-config usb-rear platform-default
set usb-port-config usb-sdcard platform-default
set usb-port-config usb-vmedia platform-default
set usb-system-idle-power-optimizing-setting-config usb-idle-power-opti
mizing platform-default
set vga-priority-config vga-priority platform-default
exit
enter boot-policy default purpose operational
set boot-mode legacy
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter boot-policy diag purpose utility
set boot-mode legacy
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter boot-policy slot-1 purpose operational
set boot-mode uefi
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter boot-policy slot-2 purpose operational
set boot-mode uefi
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter boot-policy slot-3 purpose operational
set boot-mode uefi
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter boot-policy utility purpose utility
set boot-mode legacy
set descr ""
set enforce-vnic-name no
set policy-owner local
set reboot-on-update no
exit
enter eth-link-profile default
set udld-link-policy default
exit
enter eth-policy Linux
set arfs accelaratedrfs disabled
set comp-queue count 2
set descr "Recommended adapter settings for linux"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 4
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 1
set recv-queue ring-size 512
set rss receivesidescaling disabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy SRIOV
set arfs accelaratedrfs disabled
set comp-queue count 5
set descr "Recommended adapter settings for Win8 SRIOV-VMFEX PF"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 32
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 4
set recv-queue ring-size 512
set rss receivesidescaling enabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy Solaris
set arfs accelaratedrfs disabled
set comp-queue count 2
set descr "Recommended adapter settings for Solaris"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 4
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 1
set recv-queue ring-size 512
set rss receivesidescaling disabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy VMWare
set arfs accelaratedrfs disabled
set comp-queue count 2
set descr "Recommended adapter settings for VMWare"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 4
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 1
set recv-queue ring-size 512
set rss receivesidescaling disabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy VMWarePassThru
set arfs accelaratedrfs disabled
set comp-queue count 8
set descr "Recommended adapter settings for VMWare pass-thru (dynamic v
NIC)"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 12
set interrupt mode msi
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 4
set recv-queue ring-size 512
set rss receivesidescaling enabled
set trans-queue count 4
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy Windows
set arfs accelaratedrfs disabled
set comp-queue count 5
set descr "Recommended adapter settings for Windows"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 8
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 4
set recv-queue ring-size 512
set rss receivesidescaling enabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy default
set arfs accelaratedrfs disabled
set comp-queue count 2
set descr "default adapter policy"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 4
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 1
set recv-queue ring-size 512
set rss receivesidescaling disabled
set trans-queue count 1
set trans-queue ring-size 256
set vxlan adminstate disabled
exit
enter eth-policy sspdata1-default
set arfs accelaratedrfs disabled
set comp-queue count 512
set descr "Recommended adapter settings for sspdata1 vnic"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 128
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 256
set recv-queue ring-size 512
set rss receivesidescaling enabled
set trans-queue count 256
set trans-queue ring-size 512
set vxlan adminstate disabled
exit
enter eth-policy sspmgmt1-default
set arfs accelaratedrfs disabled
set comp-queue count 2
set descr "Recommended adapter settings for sspmgmt1 vnic"
set failback timeout 5
set interrupt coalescing-time 125
set interrupt coalescing-type min
set interrupt count 2
set interrupt mode msi-x
set nvgre adminstate disabled
set offload large-receive enabled
set offload tcp-rx-checksum enabled
set offload tcp-segment enabled
set offload tcp-tx-checksum enabled
set recv-queue count 1
set recv-queue ring-size 512
set rss receivesidescaling disabled
set trans-queue count 1
set trans-queue ring-size 512
set vxlan adminstate disabled
exit
enter fc-policy Linux
set descr "Recommended adapter settings for Linux"
set policy-owner local
exit
enter fc-policy Solaris
set descr "Recommended adapter settings for Solaris"
set policy-owner local
exit
enter fc-policy VMWare
set descr "Recommended adapter settings for VMWare"
set policy-owner local
exit
enter fc-policy Windows
set descr "Recommended adapter settings for Windows"
set policy-owner local
exit
enter fc-policy WindowsBoot
set descr "Recommended adapter settings for Windows SAN Boot"
set policy-owner local
exit
enter fc-policy default
set descr "default adapter policy"
set policy-owner local
exit
enter fw-host-pack default
set blade-vers "" rack-vers ""
set descr "Default Host Package"
set policy-owner local
exit
enter fw-host-pack ssp-hostpack-1
set blade-vers "" rack-vers ""
set descr "SSP Default Host Package for blade-1"
set policy-owner local
exit
enter fw-host-pack ssp-hostpack-2
set blade-vers "" rack-vers ""
set descr "SSP Default Host Package for blade-2"
set policy-owner local
exit
enter fw-host-pack ssp-hostpack-3
set blade-vers "" rack-vers ""
set descr "SSP Default Host Package for blade-3"
set policy-owner local
exit
enter iqn-pool default
set assignment-order default
set descr ""
set iqn-prefix ""
exit
enter kvm-mgmt-policy default
set descr ""
set vmedia-encryption disable
exit
enter lacppolicy default
set lacp-rate normal
set suspend-individual false
exit
enter local-disk-config-policy default
set descr ""
set flexflash-raid-reporting-state disable
set flexflash-state disable
set mode any-configuration
set policy-owner local
set protect yes
exit
enter local-disk-config-policy ssp-default
set descr ""
set flexflash-raid-reporting-state disable
set flexflash-state disable
set mode raid-1-mirrored
set policy-owner local
set protect yes
exit
enter local-disk-config-policy ssp-default-1ru
set descr ""
set flexflash-raid-reporting-state disable
set flexflash-state disable
set mode no-raid
set policy-owner local
set protect no
exit
enter mac-pool default
set assignment-order default
set descr ""
exit
enter mac-pool ssp-macpool-ccl
enter block 00:15:C5:00:00:00 00:15:C5:00:00:C7
exit
set assignment-order default
set descr "SSP service profile MAC Pool for ccl"
exit
enter mac-pool ssp-macpool-inter-vnics
enter block 00:15:A5:00:00:00 00:15:A5:00:01:2B
exit
set assignment-order default
set descr "SSP service profile MAC Pool for internal vNICs"
exit
enter mac-pool ssp-macpool-mio-external-ports
enter block 00:FD:22:2C:9F:A4 00:FD:22:2C:9F:FF
exit
set assignment-order default
set descr "SSP service profile MAC Pool for MIO external ports"
exit
enter maint-policy default
set descr ""
set policy-owner local
set reboot-policy immediate
set schedule ""
exit
enter mcast-policy default
set querier disabled
set querierip 0.0.0.0
set snooping enabled
exit
enter nw-ctrl-policy default
disable cdp
enter mac-security
set forged-transmit allow
exit
set descr ""
set mac-registration-mode only-native-vlan
set policy-owner local
set uplink-fail-action link-down
exit
enter power-control-policy default
set descr ""
set policy-owner local
set priority 5
exit
enter power-control-policy ssp-default
set descr "ssp default power policy"
set policy-owner local
set priority no-cap
exit
enter qos-policy ssp-nodrop
enter egress-policy
set host-cos-control none
set prio platinum
set rate line-rate burst 10240
exit
set descr ""
set policy-owner local
exit
enter scrub-policy default
set bios-settings-scrub no
set descr ""
set disk-scrub no
set flexflash-scrub no
exit
enter server-pool default
set descr ""
exit
enter server-qual all-chassis
enter chassis 1 40
exit
set descr ""
exit
enter sol-policy ssp-default
enable
set descr "Serial Over Lan Policy for Application"
set policy-owner local
set speed 115200
exit
enter stats-threshold-policy default
set descr ""
exit
enter udld-link-policy default
set admin-state disabled
set mode normal
exit
enter uuid-suffix-pool default
set assignment-order default
set descr ""
set uuid-prefix 3AB18B2E-6FF5-11E9
exit
enter wwn-pool default port-wwn-assignment
set assignment-order default
set descr ""
set max-ports-per-node 3-ports-per-node
exit
enter wwn-pool node-default node-wwn-assignment
set assignment-order default
set descr ""
set max-ports-per-node 3-ports-per-node
exit
scope chassis-disc-policy
set descr ""
set link-aggregation-pref none
exit
scope memory-config-policy default
set blacklisting disabled
exit
scope psu-policy
set descr ""
set redundancy non-redund
exit
scope udld-system-settings default
set message-interval 15
set recovery-action none
exit
scope fw-catalog-pack default
set catalog-version ""
set descr "Catalog Pack"
exit
scope fw-infra-pack default
set descr "Infrastructure Pack"
set infra-bundle-version 6.2.3-83
exit
scope fw-platform-pack default
set descr "Platform Pack"
set platform-bundle-version ""
set serialize-hostpack-upgrade no
set skip-manager-validation no
exit
scope fw-autosync-policy
set auto-sync auto-acknowledge
exit
scope cfg-export-policy default
set adminstate disable
set descr "Configuration Export Policy"
set hostname ""
set port default
set protocol ftp
! set password
set remote-file ""
set schedule daily
set user ""
exit
scope ep-log-policy sel
set backup clear-on-backup no
set backup format ascii
set backup hostname ""
set backup interval 1-hour
set backup protocol ftp
! set backup password
set backup remote-path /
set backup user ""
set descr ""
exit
scope org-vlan-policy
set admin-state disabled
exit
scope vhba-beh-policy
set action none
exit
scope vnic-beh-policy
set action hw-inherit template-name ""
exit
scope ip-pool ext-mgmt
set assignment-order default
exit
scope ip-pool iscsi-initiator-pool
set assignment-order default
exit
scope ip-pool ssp-ippool-app-ccl
set assignment-order default
exit
scope ip-pool ssp-ippool-inter-mgmt
set assignment-order default
exit
scope iscsi-policy default
set policy-owner local
exit
exit
scope firmware
scope auto-install
cancel install platform
exit
exit
scope chassis 1
scope server 1
scope diag
set run-policy-name ""
exit
set name ""
set power-button-lock
set user-label ""
exit
set user-label ""
exit
scope system
enter schedule default
set descr ""
set policy-owner local
exit
enter schedule exp-bkup-outdate
enter occurrence one-time exp-bkup-outdate
set concur-tasks unlimited
set date 5 2019 11 52 31
set max-duration none 0 0 0 0
set min-interval none 0 0 0 0
set proc-cap unlimited
exit
set descr "Auto Created by the System for raising fault once cfg backup
export is found outdated"
set policy-owner local
exit
enter schedule fi-reboot
enter occurrence one-time fi-reboot
set concur-tasks unlimited
set date 1 1970 0 0 0
set max-duration none 0 0 0 0
set min-interval none 0 0 0 0
set proc-cap unlimited
exit
set descr "Auto created by the system for acknowledgement of primary FI
reboot"
set policy-owner local
exit
enter schedule infra-fw
enter occurrence one-time infra-fw
set concur-tasks unlimited
set date 6 2019 11 52 31
set max-duration none 0 0 0 0
set min-interval none 0 0 0 0
set proc-cap unlimited
exit
set descr "Auto created by the system for Infrastructure upgrade"
set policy-owner local
exit
enter schedule platform-fw
enter occurrence one-time platform-fw
set concur-tasks unlimited
set date 1 1970 0 0 0
set max-duration none 0 0 0 0
set min-interval none 0 0 0 0
set proc-cap unlimited
exit
set descr "Auto created by the system for Platform upgrade"
set policy-owner local
exit
scope services
create ssh-server host-key
enable dhcp-server 192.168.45.46 192.168.45.254
enable https
enable ssh-server
enter ip-block 192.168.45.0 24 https
exit
enter ip-block 192.168.45.0 24 ssh
exit
enter ntp-server 0.sourcefire.pool.ntp.org
exit
enter ntp-server 1.sourcefire.pool.ntp.org
exit
enter ntp-server 2.sourcefire.pool.ntp.org
exit
scope shell-session-limits
set per-user 32
set total 32
exit
scope web-session-limits
set per-user 32
set total 256
exit
set domain-name ""
set https cipher-suite "ALL:!EDH-RSA-DES-CBC3-SHA:!EDH-DSS-DES-CBC3-SHA
:!DES-CBC3-SHA:!ADH:!3DES:!EXPORT40:!EXPORT56:!LOW:!RC4:!MD5:!IDEA:!eNULL:+HIGH:
+MEDIUM:+EXP"
set https cipher-suite-mode medium-strength
set https keyring default
set https port 443
set ssh-server host-key rsa 2048
set ssh-server kex-algorithm diffie-hellman-group14-sha1
set ssh-server mac-algorithm hmac-sha1 hmac-sha2-256 hmac-sha2-512
set ssh-server encrypt-algorithm 3des-cbc aes128-cbc aes128-ctr aes192-
cbc aes192-ctr aes256-cbc aes256-ctr
set ssh-server rekey-limit volume none time none
set ssh-client kex-algorithm diffie-hellman-group14-sha1
set ssh-client mac-algorithm hmac-sha1 hmac-sha2-256 hmac-sha2-512
set ssh-client encrypt-algorithm 3des-cbc aes128-cbc aes128-ctr aes192-
cbc aes192-ctr aes256-cbc aes256-ctr
set ssh-client rekey-limit volume none time none
set ssh-client stricthostkeycheck disable
set timezone UTC
exit
scope info-policy
disable
exit
scope management-extension
activate firmware ""
exit
scope sys-defaults
set fc-zone-count limit 0
set vlan-port-count limit 0
exit
set description ""
set name firepower
set owner ""
set site ""
set virtual-ip ipv6 ::
set virtual-ip 192.168.45.45
exit
scope eth-uplink
scope fabric a
scope interface 1 1
enable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 2
enable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 3
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 4
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 5
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 6
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 7
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 8
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 9
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 10
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 11
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 12
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation yes
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 13
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation no
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 14
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation no
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 15
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation no
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
scope interface 1 16
disable
set admin-duplex fullduplex
set admin-speed 1gbps
set auto-negotiation no
set eth-link-profile default
set flow-control-policy default
set port-type data
set user-label ""
exit
exit
scope flow-control
enter policy default
set prio auto
set receive off
set send off
exit
exit
scope stats-threshold-policy default
set descr ""
exit
exit
scope fabric-interconnect a
scope ipv6-config
set out-of-band static ipv6 :: ipv6-prefix 64 ipv6-gw ::
exit
set out-of-band static ip 192.168.45.45 netmask 255.255.255.0 gw 0.0.0.0
exit
scope security
disable cc-mode
disable fips-mode
enter keyring default
set modulus mod2048
set regenerate no
! set cert
set trustpoint ""
exit
enter local-user admin
enter role admin
enter role read-only
set account-status active
set email none
set firstname none
set lastname ""
set maxfailedlogins 0
! set password
set phone none
set pwdexpdays 9999
set pwdwarndays 7
set sshkey none
exit
enter role admin
set privilege admin
exit
enter role read-only
set privilege read-only
exit
enter trustpoint CHdefault
set certchain
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----
ENDOFBUF
exit
scope password-profile
set change-count 2
set change-during-interval enable
set change-interval 48
set history-count 5
set no-change-interval 24
exit
scope default-auth
set absolute-session-timeout 0
set refresh-period 0
set session-timeout 0
exit
scope ldap
set attribute ""
set basedn ""
set descr ""
set filter cn=$userid
set shellaccessuserlist
ENDOFBUF
set timeout 30
set tlscacertificate
ENDOFBUF
exit
scope radius
set descr ""
set retries 1
set shellaccessuserlist
ENDOFBUF
set timeout 5
exit
scope tacacs
set descr ""
set timeout 5
exit
set authentication console local
set authentication default local
set enforce-strong-password no
set max-login-attempts 0
set min-password-length 8
set remote-user default-role no-login
set sshkey none
set user-account-unlock-time 1800
exit
scope ssa
enter logical-device ftd ftd 1 standalone
enter external-port-link Ethernet1-1 Ethernet1/1 ftd
set description ""
set port-name Ethernet1/1
exit
enter external-port-link Ethernet1-2 Ethernet1/2 ftd
set description ""
set port-name Ethernet1/2
exit
enter external-port-link Ethernet1-3 Ethernet1/3 ftd
set description ""
set port-name Ethernet1/3
exit
enter external-port-link Ethernet1-4 Ethernet1/4 ftd
set description ""
set port-name Ethernet1/4
exit
enter external-port-link Ethernet1-5 Ethernet1/5 ftd
set description ""
set port-name Ethernet1/5
exit
enter external-port-link Ethernet1-6 Ethernet1/6 ftd
set description ""
set port-name Ethernet1/6
exit
enter external-port-link Ethernet1-7 Ethernet1/7 ftd
set description ""
set port-name Ethernet1/7
exit
enter external-port-link Ethernet1-8 Ethernet1/8 ftd
set description ""
set port-name Ethernet1/8
exit
enter external-port-link Ethernet1-9 Ethernet1/9 ftd
set description ""
set port-name Ethernet1/9
exit
enter external-port-link Ethernet1-10 Ethernet1/10 ftd
set description ""
set port-name Ethernet1/10
exit
enter external-port-link Ethernet1-11 Ethernet1/11 ftd
set description ""
set port-name Ethernet1/11
exit
enter external-port-link Ethernet1-12 Ethernet1/12 ftd
set description ""
set port-name Ethernet1/12
exit
enter external-port-link Ethernet1-13 Ethernet1/13 ftd
set description ""
set port-name Ethernet1/13
exit
enter external-port-link Ethernet1-14 Ethernet1/14 ftd
set description ""
set port-name Ethernet1/14
exit
enter external-port-link Ethernet1-15 Ethernet1/15 ftd
set description ""
set port-name Ethernet1/15
exit
enter external-port-link Ethernet1-16 Ethernet1/16 ftd
set description ""
set port-name Ethernet1/16
exit
set description ""
set mode standalone
exit
scope slot 1
enter app-instance ftd
enable
set startup-version 6.2.3.83
exit
set log-level info
exit
scope app ftd 6.2.3.83
set-default
exit
exit
scope monitoring
disable snmp
enable syslog console
enable syslog file
disable syslog remote-destination server-1
disable syslog remote-destination server-2
disable syslog remote-destination server-3
enable syslog source audits
disable syslog source events
enable syslog source faults
scope fault policy
set ack-action delete-on-clear
set clear-action retain
set clear-interval 0 0 20 0
set flap-interval 0 0 0 10
set retention-interval 0 1 0 0
exit
scope stats-collection-policy chassis
set collection-interval 1minute
set reporting-interval 15minutes
exit
scope stats-collection-policy fex
set collection-interval 1minute
set reporting-interval 15minutes
exit
scope stats-collection-policy port
set collection-interval 1minute
set reporting-interval 15minutes
exit
scope stats-collection-policy server
set collection-interval 1minute
set reporting-interval 15minutes
exit
scope sysdebug
disable core-export-target
scope log-export-policy
set admin-state disabled
set descr ""
set hostname ""
set passwordless-ssh yes
set path /
set proto tftp
! set passwd
set user ""
exit
set core-export-target path ""
set core-export-target port 69
set core-export-target server-description ""
set core-export-target server-name ""
exit
set mgmt-if-mon-policy admin-state enabled
set mgmt-if-mon-policy arp-deadline 10
set mgmt-if-mon-policy arp-requests 3
set mgmt-if-mon-policy arp-target1 0.0.0.0
set mgmt-if-mon-policy arp-target2 0.0.0.0
set mgmt-if-mon-policy arp-target3 0.0.0.0
set mgmt-if-mon-policy max-fail-reports 3
set mgmt-if-mon-policy mii-retry-count 3
set mgmt-if-mon-policy mii-retry-interval 5
set mgmt-if-mon-policy monitor-mechanism ping-gateway
set mgmt-if-mon-policy ndisc-deadline 10
set mgmt-if-mon-policy ndisc-requests 3
set mgmt-if-mon-policy ndisc-target1 ::
set mgmt-if-mon-policy ndisc-target2 ::
set mgmt-if-mon-policy ndisc-target3 ::
set mgmt-if-mon-policy ping-deadline 15
set mgmt-if-mon-policy ping-requests 3
set mgmt-if-mon-policy poll-interval 90
set syslog console level critical
set syslog file level critical name messages size 4194304
set syslog platform level information
set syslog remote-destination server-1 level critical hostname none facilit
y local7
set syslog remote-destination server-2 level critical hostname none facilit
y local7
set syslog remote-destination server-3 level critical hostname none facilit
y local7
! set snmp community
set snmp syscontact ""
set snmp syslocation ""
exit
Number of Cores 6
Processor memory: 7175425393

POST started...
POST finished, result is 0 (hint: 1 means it failed)

Compiled on Sun 25-Mar-18 18:08 PDT by builders
SSL Hardware Offload is NOT Enabled
Platform is FPR-2110
Adding Cavium NIC interface 1 port 0

Total NICs found: 4

NIC pci:id 00, slot 0, port 1, bus -1, dev -1 func 0, irq 00, internal, ten_gb-e thernet, ind 1
NIC pci:id 01, slot 0, port -1, bus 0, dev 0 func 0, irq 00, internal, , ind 0
NIC pci:id 02, slot 1, port 1, bus -1, dev -1 func -1, irq 00, external, gb-ethe rnet, ind 1
NIC pci:id 03, slot 1, port 1, bus -1, dev -1 func -1, irq 00, internal, gb-ethe rnet, ind 1
en_vtun rev00 Backplane Ext-Mgmt Interface @ index 02 MAC: 00fd.222c.9f81
en_vtun rev00 Backplane Tap Interface @ index 03 MAC: 0000.0100.0001
firepower# Initialized 500000 elements for 3 consumers
WARNING: Attribute already exists in the dictionary.
WARNING: Attribute already exists in the dictionary.
May 7 11:47:05 firepower port-mana ger: Alert: Internal1/3 link changed to UP

****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.

A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by
sending email to export@cisco.com.
******************************* Warning *******************************

Copyright (c) 1996-2017 by Cisco Systems, Inc.

Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

No such file or directory Readi ng from flash...
!
Cryptochecksum (changed): 6fa2f72f 6c69ec48 101ea6d6 86e3f5f1

INFO: Power-On Self-Test in process.
.....................................
INFO: Power-On Self-Test complete.

INFO: Starting SW-DRBG health test...
INFO: SW-DRBG health test passed.

INFO: Starting SW-DRBG health test...
INFO: SW-DRBG health test passed.
User enable_1 logged in to firepower
Logins over the last 1 days: 1.
Failed logins since the last login: 0.
Type help or '?' for a list of available commands.

 

 

9 REPLIES 9
Hall of Fame Master

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

Your cli output shows you are connecting the FX-OS service which is used to manage the chassis. From there, switch to the FTD appliance (which is technically a logical device deployed on the chassis) with "connect ftd". Then you should get a ">" prompt  know as the FTD Unified command line interface shell or "clish" and be able see the settings specific to FTD.

At the clish prompt also check "show managers" to make sure the previous engineer did not configure it for remote management via Firepower Management Center (FMC).

 

firepower cli modes.PNG

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

Thank you Marvin for your Reply!!!  I actually found that command in the Firepower Quick Start Manual, but apparently the command isn't available on my appliance??? (see below)

 

 

 

firepower#
firepower# connet ftd
                             ^
% Invalid Command at '^' marker
firepower# ?
acknowledge Acknowledge
backup Backup
clear Clear managed objects
commit-buffer Commit transaction buffer
connect Connect to Another CLI
discard-buffer Discard transaction buffer
end Go to exec mode
exit Exit from command interpreter
gcov Gcov property values
scope Changes the current mode
set Set property values
show Show system information
terminal Set terminal line parameters
top Go to the top mode
up Go up one mode
where Show information about the current mode

firepower# connect ?
local-mgmt Connect to Local Management CLI

firepower# connect

Highlighted
Hall of Fame Master

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

I'm not exactly sure where you are in the hierarchy. The prompt "firepower#" would normally indicate the Lina cli enable mode.

Did you try Crtl-a then d?

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

The CTRL-A then D, isn't working

When I log on I get the FIREPOWER# prompt.  Not sure if I need to be at the FIREPOWER> prompt for the 'Connect FTD' Command to work.   I did use the "up" command to try to go up in the hierarchy, but that didn't work either. The "end" command didn't work. And if I enter "exit" I'm logged out.

 

firepower# up
Error: already at top
firepower#

 

 

Password:
Last login: Fri May 10 05:03:27 UTC 2019 on ttyS0
Successful login attempts for user 'admin' : 4

Copyright 2004-2018, Cisco and/or its affiliates. All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.

Cisco Fire Linux OS v6.2.3 (build 13)
Cisco Firepower 2110 Threat Defense v6.2.3 (build 83)

Cisco Firepower Extensible Operating System (FX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2009-2015, Cisco Systems, Inc. All rights reserved.

The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license.

Certain components of this software are licensed under the "GNU General Public
License, version 3" provided with ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, Version 3", available here:
http://www.gnu.org/licenses/gpl.html. See User Manual (''Licensing'') for
details.

Certain components of this software are licensed under the "GNU General Public
License, version 2" provided with ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. See User Manual
(''Licensing'') for details.

Certain components of this software are licensed under the "GNU LESSER GENERAL
PUBLIC LICENSE, version 3" provided with ABSOLUTELY NO WARRANTY under the terms
of "GNU LESSER GENERAL PUBLIC LICENSE" Version 3", available here:
http://www.gnu.org/licenses/lgpl.html. See User Manual (''Licensing'') for
details.

Certain components of this software are licensed under the "GNU Lesser General
Public License, version 2.1" provided with ABSOLUTELY NO WARRANTY under the
terms of "GNU Lesser General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. See User Manual
(''Licensing'') for details.

Certain components of this software are licensed under the "GNU Library General
Public License, version 2" provided with ABSOLUTELY NO WARRANTY under the terms
of "GNU Library General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.0.html. See User Manual
(''Licensing'') for details.

firepower#

Hall of Fame Master

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

If you've reset to factory default (what method did you use for that by the way?) you should alternatively be able to plug into Ethernet 1/2 interface and access FTD via that on 192.168.1.1.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/ftd-fdm-2100-qsg.html

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

https://ciscoskills.net/2017/12/01/factory-reset-firepower-2100/

 

You are correct!   Per the Cisco Guide, I "should" be able to access the Web Interface via the 192.168.45.45

Procedure


Step 1

On your management computer connected to the Management 1/1 interface, launch the Firepower Chassis Manager by going to the following URL: https://192.168.45.45.

Before you log into the Firepower Chassis Manager, if you need to change the FXOS and ASA management IP addresses, see Change the FXOS Management IP Addresses or Gateway.

 

 

 

I connect to the GE MGMT port and received an IP of 192.168.45.46, I can ping 192.168.45.45

BUT when I put https://192.168.45.45 in the Browser, I get a certificate warning, I bypass the warning, but the Web Page never populates 

 

 

Hall of Fame Master

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

Have you inspected the certificate from your browser and confirmed it is the self-signed device certificate?

Do you have a support contract? If so, TAC might be able to assist you better.

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

Hey Marvin!  So yes, I've opened a TAC Case....and it's strange because we have two Firepower 2010's, and one has the FTD Connect command available and one does not.  So we just decided the best option is to re-image the "problem appliance".   Thanks for all your assistance!  

Re: FIREPOWER 2010: Service Timeout when trying to connect to Device Manager

The CTRL-A then D, isn't working

When I log on I get the FIREPOWER# prompt.  Not sure if I need to be at the FIREPOWER> prompt for the 'Connect FTD' Command to work.   I did use the "up" command to try to go up in the hierarchy, but that didn't work either. The "end" command didn't work. And if I enter "exit" I'm logged out.

 

firepower# up
Error: already at top
firepower#