Cisco Firepower 1010 Getting Started Manual page 154

Hide thumbs Also See for Firepower 1010:

Hardware installation manual (40 pages)

Configuration note (21 pages)

Configuration manual (12 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

Troubleshoot Management Connectivity on a Data Interface

When you use a data interface for FMC management instead of using the dedicated Management interface,

you must be careful about changing the interface and network settings for the FTD in FMC so you do not

disrupt the connection. If you change the management interface type after you add the FTD to the FMC (from

data to Management, or from Management to data), if the interfaces and network settings are not configured

correctly, you can lose management connectivity.

This topic helps you troubleshoot the loss of management connectivity.

View management connection status

In FMC, check the management connection status on the Devices > Device Management > Device >

Management > FMC Access Details > Connection Status page.

At the FTD CLI, enter the sftunnel-status-brief command to view the management connection status.

You can also use sftunnel-status to view more complete information.

See the following sample output for a connection that is down; there is no peer channel "connected to"

information, nor heartbeat information shown:

> sftunnel-status-brief

PEER:10.10.17.202

Registration: Completed.

Connection to peer '10.10.17.202' Attempted at Mon Jun 15 09:21:57 2020 UTC

Last disconnect time : Mon Jun 15 09:19:09 2020 UTC

Last disconnect reason : Both control and event channel connections with peer went down

See the following sample output for a connection that is up, with peer channel and heartbeat information

shown:

> sftunnel-status-brief

PEER:10.10.17.202

Peer channel Channel-A is valid type (CONTROL), using 'eth0', connected to '10.10.17.202'

via '10.10.17.222'

Peer channel Channel-B is valid type (EVENT), using 'eth0', connected to '10.10.17.202'

via '10.10.17.222'

Registration: Completed.

IPv4 Connection to peer '10.10.17.202' Start Time: Wed Jun 10 14:27:12 2020 UTC

Heartbeat Send Time: Mon Jun 15 09:02:08 2020 UTC

Heartbeat Received Time: Mon Jun 15 09:02:16 2020 UTC

View the FTD network information

At the FTD CLI, view the Management and FMC access data interface network settings:

show network

> show network

===============[ System Information ]===============

Hostname

DNS Servers

Management port

IPv4 Default route

Gateway

IPv6 Default route

Gateway

======================[ br1 ]=======================

State

Cisco Firepower 1010 Getting Started Guide

152

Firepower Threat Defense Deployment with a Remote FMC

: 5516X-4

: 208.67.220.220,208.67.222.222

: 8305

: data-interfaces

: Enabled

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Cisco Firepower 1010 Getting Started Manual page 154

Hide quick links:

Related Manuals for Cisco Firepower 1010

Related Products for Cisco Firepower 1010

Table of Contents