KB ID 0001344 

Problem

While replacing a FirePOWER Management console, I got this error;

Interface Status
Interface ‘DataPlaneInterface0’ is not receiving any packets

Solution

A look a the health monitor showed me the same thing;

Firstly, common sense dictates, that this is a live firewall and traffic is actually flowing though it? In my case the traffic simply needed to be ‘sent though’ the module. Execute the following, (or check for the presence of matching configuration);

[box]

access-list ACL-FirePOWER extended permit ip any any
class-map CM-SFR
 match access-list ACL-FirePOWER
 exit
policy-map global_policy 
 class CM-SFR
  sfr fail-open
exit
exit
write mem

[/box]

Note: Here I’m assuming you want to ‘fail-open’ i.e. not block traffic if the FirePOWER module fails, and you are inspecting ‘inline’ (not passively).

Then apply the cup of coffee rule, and ensure some traffic is sent via the firewall.

Failover (Active / Standby) Firewalls and FirePOWER

As pointed out (below, thanks Marvin) If you have an active/standby failover firewall pair, you will also see this error from the SFR module in the standby firewall. Which makes sense because this firewall is not passing any traffic!

Related Articles, References, Credits, or External Links

NA