Troubleshoot Management Connectivity On A Data Interface; View Management Connection Status - Cisco Firepower 1100 Started Manual

Hide thumbs Also See for Firepower 1100:

Getting started manual (178 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

Table Of Contents

177

page of 177

/ 177
Contents
Table of Contents
Bookmarks

Table of Contents

Firepower Threat Defense Deployment with a Remote FMC

This command returns you to the FXOS CLI prompt. For information on the commands available in the FXOS

CLI, enter ?.

Example:

> exit

firepower#

Troubleshoot Management Connectivity on a Data Interface

Model Support—FTD

When you use a data interface for FMC management instead of using the dedicated Management interface,

you must be careful about changing the interface and network settings for the FTD in FMC so you do not

disrupt the connection. If you change the management interface type after you add the FTD to the FMC (from

data to Management, or from Management to data), if the interfaces and network settings are not configured

correctly, you can lose management connectivity.

This topic helps you troubleshoot the loss of management connectivity.

View management connection status

In FMC, check the management connection status on the Devices > Device Management > Device >

Management > FMC Access Details > Connection Status page.

At the FTD CLI, enter the sftunnel-status-brief command to view the management connection status.

You can also use sftunnel-status to view more complete information.

See the following sample output for a connection that is down; there is no peer channel "connected to"

information, nor heartbeat information shown:

> sftunnel-status-brief

PEER:10.10.17.202

Registration: Completed.

Connection to peer '10.10.17.202' Attempted at Mon Jun 15 09:21:57 2020 UTC

Last disconnect time : Mon Jun 15 09:19:09 2020 UTC

Last disconnect reason : Both control and event channel connections with peer went down

See the following sample output for a connection that is up, with peer channel and heartbeat information

shown:

> sftunnel-status-brief

PEER:10.10.17.202

Peer channel Channel-A is valid type (CONTROL), using 'eth0', connected to '10.10.17.202'

via '10.10.17.222'

Peer channel Channel-B is valid type (EVENT), using 'eth0', connected to '10.10.17.202'

via '10.10.17.222'

Registration: Completed.

IPv4 Connection to peer '10.10.17.202' Start Time: Wed Jun 10 14:27:12 2020 UTC

Heartbeat Send Time: Mon Jun 15 09:02:08 2020 UTC

Heartbeat Received Time: Mon Jun 15 09:02:16 2020 UTC

Troubleshoot Management Connectivity on a Data Interface

Cisco Firepower 1100 Getting Started Guide

145

Table of Contents

Show Quick Links

Quick Links:
(Optional) Change Management Network Settings at...

Hide quick links:

Table of Contents

Troubleshoot Management Connectivity On A Data Interface; View Management Connection Status - Cisco Firepower 1100 Started Manual

Troubleshoot Management Connectivity on a Data Interface

View management connection status

Hide quick links:

Related Manuals for Cisco Firepower 1100

Related Content for Cisco Firepower 1100

Table of Contents