Cisco Firepower 1010 Getting Started Manual page 162

Troubleshoot Management Connectivity on a Data Interface
Interfaces
===============[ GigabitEthernet1/1 ]===============
State
Link
Name
MTU
MAC Address
----------------------[ IPv4 ]----------------------
Configuration
Address
Netmask
Gateway
----------------------[ IPv6 ]----------------------
Configuration
Check that the threat defense registered with CDO
At the threat defense CLI, check that CDO registration was completed. Note that this command will not
show the current status of the management connection.
show managers
> show managers
Type
Host
Display name
Identifier
Registration
Management type
Ping CDO
At the threat defense CLI, use the following command to ping CDO from the data interfaces:
ping cdo_hostname
At the threat defense CLI, use the following command to ping CDO from the Management interface,
which should route over the backplane to the data interfaces:
ping system cdo_hostname
Capture packets on the threat defense internal interface
At the threat defense CLI, capture packets on the internal backplane interface (nlp_int_tap) to see if
management packets are being sent:
capture name interface nlp_int_tap trace detail match ip any any
show capturename trace detail
Check the internal interface status, statistics, and packet count
At the threat defense CLI, see information about the internal backplane interface, nlp_int_tap:
show interace detail
> show interface detail
[...]
Interface Internal-Data0/1 "nlp_int_tap", is up, line protocol is up
Hardware is en_vtun rev00, BW Unknown Speed-Capability, DLY 1000 usec
(Full-duplex), (1000 Mbps)
Cisco Firepower 1010 Getting Started Guide
160
: GigabitEthernet1/1
: Enabled
: Up
: outside
: 1500
: 28:6F:7F:D3:CB:8F
: Manual
: 10.89.5.29
: 255.255.255.192
: 10.89.5.1
: Disabled
: Manager
: account1.app.us.cdo.cisco.com
: account1.app.us.cdo.cisco.com
: f7ffad78-bf16-11ec-a737-baa2f76ef602
: Completed
: Configuration
Threat Defense Deployment with CDO