Cisco Firepower 1010 Getting Started page 40
Hide thumbs
Also See for Firepower 1010:
- Getting started manual (190 pages) ,
- Hardware installation manual (50 pages) ,
- Deployment manual (8 pages)
Advertisement
Using the CLI Console to Monitor and Test the Configuration
If you find a persistent problem, you might need to fix the device configuration. For example, a persistent
failure to obtain database updates could indicate that there is no path to the Internet for the device's management
IP address. You might need to contact the Cisco Technical Assistance Center (TAC) for some issues as indicted
in the task descriptions.
You can do the following with the task list:
• Click the Success or Failures buttons to filter the list based on these statuses.
• Click the delete icon (
• Click Remove All Completed Tasks to empty the list of all tasks that are not in progress.
Using the CLI Console to Monitor and Test the Configuration
FTD devices include a command line interface (CLI) that you can use for monitoring and troubleshooting.
Although you can open an SSH session to get access to all of the system commands, you can also open a CLI
Console in the FDM to use read-only commands, such as the various show commands and ping, traceroute,
and packet-tracer. If you have Administrator privileges, you can also enter the failover, reboot, and shutdown
commands.
You can keep the CLI Console open as you move from page to page, configure, and deploy features. For
example, after deploying a new static route, you could use ping in the CLI Console to verify that the target
network is reachable.
The CLI Console uses the base Firepower Threat Defense CLI. You cannot enter the diagnostic CLI, expert
mode, or FXOS CLI (on models that use FXOS) using the CLI Console. Use SSH if you need to enter those
other CLI modes.
For detailed information on commands, see
https://www.cisco.com/c/en/us/td/docs/security/firepower/command_ref/b_Command_Reference_for_
Firepower_Threat_Defense.html.
Notes:
• Although ping is supported in CLI Console, the ping system command is not supported.
• The system can process at most 2 concurrent commands. Thus, if another user is issuing commands (for
• Commands return information based on the deployed configuration. If you make a configuration change
Procedure
Step 1
Click the CLI Console button in the upper right of the web page.
Getting Started
40
) for a task to remove it from the list.
example, using the REST API), you might need to wait for other commands to complete before entering
a command. If this is a persistent problem, use an SSH session instead of the CLI Console.
in the FDM, but do not deploy it, you will not see the results of your change in the command output. For
example, if you create a new static route but do not deploy it, that route will not appear in show route
output.
Cisco Firepower Threat Defense Command
Getting Started
Reference,
Advertisement
