Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5508-X, 5506W-X, ASA 5512-X
Mode: CLI [Command Line Interface]
Version: 6.2.2-81
Description: In this article, we will discuss how to confirm the current network configuration of the Cisco FirePower ASA SFR module and if required how to change the network settings such as IP address, DNS, Domain name etc. Refer to the article How to Re-Image Cisco ASA SFR Module, if you are looking to reimage the SFR module.
Confirm Current Configuration
To confirm the current network configuration, follow the steps mentioned below.
Step1: SSH
SSH or console onto the ASA.
Step2: Login
Log in to the ASA and then access the module using the commands shown below.
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2022.04.18 15:41:32 =~=~=~=~=~=~=~=~=~=~=~=
login as: admin
WARNING!
Access to this device is restricted to authorized personel of edledge team only. If you are not an authorized
user, disconnect now. Any attempts to gain unauthorized access will be prosecuted to the fullest extent of
the law.
admin@edledge-asa's password: edledge
Type help or '?' for a list of available commands.
edledge-asa> en
Password: edledge.com
edledge-asa#
Access the SFR Console using the command shown below
edledge-asa# session sfr console
Opening console session with module sfr.
Connected to module sfr. Escape character sequence is 'CTRL-^X'.
edledge-asa login: admin
Password: edledge
Last login: Fri Dec 10 12:55:26 UTC 2021 on ttyS1
Copyright 2004-2017, Cisco and/or its affiliates. All rights reserved. Cisco is a registered trademark of
Cisco Systems, Inc. All other trademarks are property of their respective owners.
Cisco Fire Linux OS v6.2.2 (build 11)
Cisco ASA5508 v6.2.2 (build 81)
>
>
Step3: Current SFR Network Configuration
To confirm the current network configuration use the command shown below.
> show network
===============[ System Information ]===============
Hostname : edledge-asa
Domains : edledge.com
DNS Servers : 10.1.8.10
10.0.1.1
10.0.1.2
Management port : 8305
IPv4 Default route
Gateway : 10.1.7.1
======================[ eth0 ]======================
State : Enabled
Channels : Management & Events
Mode : Non-Autonegotiation
MDI/MDIX : Auto/MDIX
MTU : 1500
MAC Address : 08:EA:12:XX:XX:XX
----------------------[ IPv4 ]----------------------
Configuration : Manual
Address : 10.1.7.11
Netmask : 255.255.255.0
Broadcast : 10.1.7.255
----------------------[ IPv6 ]----------------------
Configuration : Disabled
===============[ Proxy Information ]================
State : Disabled
Authentication : Disabled
>
Configure/Change “Hostname”
Use the command shown below to configure/change the hostname.
> configure network hostname edledge-sfrConfigure/Change “DNS Servers”
Use the command shown below to configure/change the DNS servers. You could add more than one DNS server.
> configure network dns servers 10.0.1.10,10.0.1.1,10.0.1.2Configure/Change “Domain Name”
Use the command shown below to configure/change the domain name.
> configure network dns searchdomains edledge.comDelete “IPv4 address”
Use the command shown below to delete the existing or previously configured IPv4 address
> configure network ipv4 delete [interface]
If you are not using any interface then use the command shown below to delete the configuration
> configure network ipv4 deleteConfigure/Change “IPv4 address”
There are three options available to configure/change the IPv4 address of the Cisco ASA SFR module
delete Disable IPv4 networking
dhcp Configure IPv4 via DHCP
manual Configure IPv4 manually
Here we will discuss how to configure the IPv4 manual address.
> configure network ipv4 manual 10.1.7.11 255.255.255.0 10.1.1.1If you using an interface then use the interface name at the end.
> configure network ipv4 manual 10.1.7.11 255.255.255.0 10.1.1.1 sfrmanagementUsing the above mentioned steps you could configure/change the Network Settings of the SFR module.
Few other important topics on Cisco SFR Module or Firepower
- Default Username & Password Of Cisco ASA FirePower/SFR Module
- Cisco ASA Unsupported SFR Module
- Password Change Of Cisco ASA FirePower or SFR Module
- Cisco ASA FirePower License Activation
- Unwanted ASA Failover Due To SFR Error
Source: Cisco, Lab, Knowledge Base
EA00104