Tuesday, November 19, 2024
Latest:

Check/Change Cisco ASA FirePower SFR Module Network Settings

edledge
edledge Cisco logo
Views: 1,253

Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5508-X, 5506W-X, ASA 5512-X
Mode: CLI [Command Line Interface]
Version: 6.2.2-81
Description: In this article, we will discuss how to confirm the current network configuration of the Cisco FirePower ASA SFR module and if required how to change the network settings such as IP address, DNS, Domain name etc. Refer to the article How to Re-Image Cisco ASA SFR Module, if you are looking to reimage the SFR module.

Confirm Current Configuration

To confirm the current network configuration, follow the steps mentioned below.

Step1: SSH
SSH or console onto the ASA.

SSH 10.1

Step2: Login
Log in to the ASA and then access the module using the commands shown below.

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2022.04.18 15:41:32 =~=~=~=~=~=~=~=~=~=~=~=
login as: admin
WARNING!
Access to this device is restricted to authorized personel of edledge team only. If you are not an authorized 
user, disconnect now. Any attempts to gain unauthorized access will be prosecuted to the fullest extent of 
the law.
admin@edledge-asa's password: edledge
Type help or '?' for a list of available commands.
edledge-asa> en
Password: edledge.com
edledge-asa#

Access the SFR Console using the command shown below

edledge-asa# session sfr console 
Opening console session with module sfr.
Connected to module sfr. Escape character sequence is 'CTRL-^X'.

edledge-asa login: admin 
Password: edledge
Last login: Fri Dec 10 12:55:26 UTC 2021 on ttyS1 

Copyright 2004-2017, Cisco and/or its affiliates. All rights reserved. Cisco is a registered trademark of 
Cisco Systems, Inc. All other trademarks are property of their respective owners. 

Cisco Fire Linux OS v6.2.2 (build 11) 
Cisco ASA5508 v6.2.2 (build 81)
> 
>

Step3: Current SFR Network Configuration
To confirm the current network configuration use the command shown below.


> show network 
===============[ System Information ]=============== 
Hostname : edledge-asa
Domains : edledge.com 
DNS Servers : 10.1.8.10 
10.0.1.1 
10.0.1.2 
Management port : 8305 
IPv4 Default route 
Gateway : 10.1.7.1 

======================[ eth0 ]====================== 
State : Enabled 
Channels : Management & Events 
Mode : Non-Autonegotiation 
MDI/MDIX : Auto/MDIX 
MTU : 1500 
MAC Address : 08:EA:12:XX:XX:XX 
----------------------[ IPv4 ]---------------------- 
Configuration : Manual 
Address : 10.1.7.11 
Netmask : 255.255.255.0 
Broadcast : 10.1.7.255 
----------------------[ IPv6 ]---------------------- 
Configuration : Disabled 

===============[ Proxy Information ]================ 
State : Disabled 
Authentication : Disabled 

>

Configure/Change “Hostname”

Use the command shown below to configure/change the hostname.

> configure network hostname edledge-sfr

Configure/Change “DNS Servers”

Use the command shown below to configure/change the DNS servers. You could add more than one DNS server.

> configure network dns servers 10.0.1.10,10.0.1.1,10.0.1.2

Configure/Change “Domain Name”

Use the command shown below to configure/change the domain name.

> configure network dns searchdomains edledge.com

Delete “IPv4 address”

Use the command shown below to delete the existing or previously configured IPv4 address

> configure network ipv4 delete [interface]

If you are not using any interface then use the command shown below to delete the configuration

> configure network ipv4 delete

Configure/Change “IPv4 address”

There are three options available to configure/change the IPv4 address of the Cisco ASA SFR module

delete              Disable IPv4 networking 
dhcp                Configure IPv4 via DHCP 
manual              Configure IPv4 manually

Here we will discuss how to configure the IPv4 manual address.

> configure network ipv4 manual 10.1.7.11 255.255.255.0 10.1.1.1

If you using an interface then use the interface name at the end.

> configure network ipv4 manual 10.1.7.11 255.255.255.0 10.1.1.1 sfrmanagement

Using the above mentioned steps you could configure/change the Network Settings of the SFR module.

Few other important topics on Cisco SFR Module or Firepower

Knowledge_Check_Cisco_01

1 / 5

What are the two types of packet capture in Cisco ASA?

2 / 5

What is the default buffer size of Cisco ASA PCAP?

3 / 5

How many interfaces in Cisco ASA can have same route map?

4 / 5

Does Cisco ASA supports PPPoE link?

5 / 5

How many 10 Gig ports are available in Cisco 5508-X ASA?

Your score is

The average score is 0%

0%

Source: Cisco, Lab, Knowledge Base

EA00104

Leave a Reply

Your email address will not be published. Required fields are marked *