Cisco FirePOWER SFR Module Cannot Ping
KB ID 0001174 Problem On a newly deployed FirePOWER service module I wanted to test connectivity and attempted to ping a public IP address. This is what happened; > expert admin@Petes-SFR:~$ ping 8.8.8.8 ping: icmp open socket: Operation not permitted My first though was, “Well you have to set a default gateway on the SFR when you set it up, so the firewall is probably blocking ICMP”. So I checked the default policy...
Cisco Firepower Services – Change IP and DNS Addresses
KB ID 0001173 Problem If you change your internal LAN addresses its easy to re-ip the firewall but what about the FirePOWER module? If you manage your SFR from the ASDM it will tell you what the IP is, but it won’t let you change it? Solution Change the FirePOWER Module IP Address Log into the firewall, then open a session with the SFR module. find the physical address of the module (usually eth0, but check). Petes-ASA#...
Cisco FirePOWER – Adding a Static Route
KB ID 0001172 Problem Routing traffic back from the ASA , in most cases you will have a static route (or routes) tied to the inside interface of the firewall. Or you may have dynamic routing if your network is a little more complex. But your FirePOWER module is essentially a small Linux box sat inside the firewall, it has its own network connection and maintains its own routing table. You may have already noticed if your FirePOWER...
Re-Image and Update the Cisco FirePOWER Services Module
KB ID 0001164 Problem This takes ages! Seriously, if it’s late in the afternoon you might want to do this tomorrow morning, or leave the re-imaging running overnight. (Remember if you set the FirePOWER module to ‘fail-closed’, you will lose internet access, so you might want to change that to ‘fail-open’ as well). The process is a LOT EASIER to do in the ASDM, I’m not usually an advocate of the GUI,...
Cisco FirePOWER – Update Fails ‘Peer Registration Failed: Registration in Progress’
KB ID 0001162 Problem If you attempt to perform an update on the FirePOWER services module in your firewall, you may see the following error; Error Installation Failed: Peer registration in progress. Please retry in a few moments I found myself in this situation because I’d attempted to register the firewall in the FirePOWER Management Center Appliance, and the process failed, (because the versions were different). So when I...