cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1945
Views
0
Helpful
5
Replies

Unable to access the FirePOWER Services Configuration through ASDM

I have recently purchased a Cisco ASA 5506-X with FirePOWER Services for my home office. I have configured the firewall and have already deployed it. However, I am unable to access the FirePOWER Services configuration through ASDM and, therefore, unable to take advantage of the FirePOWER services, such as an IPS and advanced malware protection.

Can anyone tell me what I should do in order to be able to access the FirePOWER services configuration through ASDM? Is there any other way to configure the FirePOWER services?

Any help would be most appreciated.

-Aaron

5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

Did you follow the Quick Start Guide for configuring the FirePOWER module?

It explains how the module requires use of the physical management interface - whether or not you are using that interface for the ASA itself.

You can do the initial setup of FirePOWER module via either the ASA Setup wizard or via session into the module console from the command line interface. Once it has the necessary bootstrap configuration and connectivity, everything can be configured via ASDM (or a separate FireSIGHT / FirePOWER Management Center if you have that product).

Hi,

Please follow the below article for installing firepower module and then accessing it via ASDM:

https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/118644-configure-firepower-00.html

You need to make sure that management ip which you are assigning to firepower module should be reachable from ASA and status of management interface of ASA should be up.

Once the above is done, you can launch the ASDM and you will see that it during launch it will download firepower packages as well provided the ASDM ip is able to reach firepower ip as well.

rate if it helps.

Thanks,

Ankita

For some reason, Cisco's technical support instructed me to downgrade ASDM from version 7.4.1 to 7.3.3 and the ASA firmware from version 9.4 to 9.3. I do not understand why I should do it, since the FirePOWER Services have not become obsolete. They did not explain it to me.

They also told me to install the SourceFire software, whereas I can see in the FirePOWER Dashboard that it is installed and up. I do not understand why I should install anything since the firewall is sold with the FirePOWER services.

In versions later than 7.3.3, there are two physical management interfaces: the INSIDE interface for ASA (192.168.1.1) and the MGMT interface for FirePOWER (192.168.1.2). In version 7.3.3, there is only one dedicated interface: MGMT (192.168.1.1).

In any case, I will try to follow their instructions, but can anyone explain to me why I must do all this?

Pretty sure you have to be running 9.4x or 9.5x to get ASDM integration with Firepower.  You should be using ASDM 7.5 as well. 

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.

Christopher,

The "Kenton" series (5506/08/16) added local management (ASDM-based) for the FirePOWER modules as of ASA software 9.3(2) and ASDM 7.3(3).

http://www.cisco.com/c/en/us/td/docs/security/asa/asa93/release/notes/asarn93.html

The rest of the ASA line got the ASDM-based FirePOWER management as of ASA 9.5(1.5) with ASDM 7.5(1.112) (also requires FirePOWER 6.0).

http://www.cisco.com/c/en/us/td/docs/security/asdm/7_5/release/notes/rn75.html#pgfId-156844

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: