Name: Cisco Firepower 1100
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

translate_hits = 0, untranslate_hits = 6

2 (nlp_int_tap) to (outside) source static nlp_server_0_ssh_intf3 interface service

tcp ssh ssh

translate_hits = 0, untranslate_hits = 73

3 (nlp_int_tap) to (outside) source static nlp_server_0_sftunnel_ipv6_intf3 interface

ipv6 service tcp 8305 8305

translate_hits = 0, untranslate_hits = 0

4 (nlp_int_tap) to (outside) source dynamic nlp_client_0_intf3 interface

translate_hits = 174, untranslate_hits = 0

5 (nlp_int_tap) to (outside) source dynamic nlp_client_0_ipv6_intf3 interface ipv6

translate_hits = 0, untranslate_hits = 0

Check other settings

See the following commands to check that all other settings are present. You can also see many of these

commands on CDO's Devices > Device Management > Device > Management > Manager Access -

Configuration Details > CLI Output page.

show running-config sftunnel

> show running-config sftunnel

sftunnel interface outside

sftunnel port 8305

show running-config ip-client

> show running-config ip-client

ip-client outside

show conn address fmc_ip

> show conn address 10.89.5.35

5 in use, 16 most used

Inspect Snort:

preserve-connection: 0 enabled, 0 in effect, 0 most enabled, 0 most in effect

TCP nlp_int_tap 10.89.5.29(169.254.1.2):51231 outside 10.89.5.35:8305, idle 0:00:04,

bytes 86684, flags UxIO

TCP nlp_int_tap 10.89.5.29(169.254.1.2):8305 outside 10.89.5.35:52019, idle 0:00:02,

bytes 1630834, flags UIO

Check for a successful DDNS update

At the threat defense CLI, check for a successful DDNS update:

debug ddns

> debug ddns

DDNS update request = /v3/update?hostname=domain.example.org&myip=209.165.200.225

Successfuly updated the DDNS sever with current IP addresses

DDNS: Another update completed, outstanding = 0

DDNS: IDB SB total = 0

If the update failed, use the debug http and debug ssl commands. For certificate validation failures,

check that the root certificates are installed on the device:

show crypto ca certificates trustpoint_name

To check the DDNS operation:

Cisco Firepower 1100 Getting Started Guide

153

Threat Defense Deployment with CDO

Troubleshoot Management Connectivity on a Data Interface

Brand	Cisco
Model	Firepower 1100
Category	Firewall
Language	English

Cisco Firepower 1100 Getting Started Guide

Table of Contents

Other manuals for Cisco Firepower 1100

Questions and Answers:

Cisco Firepower 1100 Specifications

Related product manuals