Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7775
Views
5
Helpful
2
Replies

FirePower Chassis Name Change - Warning!

davidhvoss
Level 1
Level 1

‎11-02-2017 10:29 AM - edited ‎02-21-2020 06:37 AM

I would like to change the hostname of two FirePower 4100 systems which are in HA active/passive mode between the two systems on the installed ASA 9.7 code.

The ASA hostname was changed just fine.

When I try to change the FirePower chassis hostname via FXOS, I get an error that makes me nervous.  Can anyone confirm I can change the FirePower chassis hostname without negatively impacting this production environment?

 

See warning below.

 

Firepower-chassis-A# scope system

Firepower-chassis-A /system # set name New-name

Warning: System name modification changes FC zone name and redeploys them non-disruptively

 

I have searched for this and in Cisco documentation, it states the warning will come up but no response on if it will affect connectivity.  In the forums, no one states that there is a negative impact, but that's only by omission - no one has specifically stated it does or does not affect the environment.

 

 

4 people had this problem
Labels:
0 Helpful
2 Replies 2

martin5641289
Level 1
Level 1

‎05-07-2018 12:14 AM

We have Firepower 2100 and this link (https://www.cisco.com/c/en/us/td/docs/security/firepower/2100/troubleshoot_fxos/b_2100_CLI_Troubleshoot.pdf) says that configuration changes via CLI are not possible. Every change have to be confirmed by command "commit-buffer". if I set the name by "set name XXXXX", our 2100 response is "Error: Changes not allowed. use: 'connect ftd' to make changes.".

 

So, setting SNMP name is not possible. SNMP get commands returns name "octeon". I found that this is a bug - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvi56715/?rfs=iqvred. This buf has been fixed but we have not upgraded yet so I cannot confirm if it really works or not.

 

 

0 Helpful

martin5641289
Level 1
Level 1
In response to martin5641289

‎09-05-2018 12:41 AM

This bug - CSCvi56715 - is still opened. It has severity 4 minor so Cisco works for fixing more important issues. Last update is from Aug 26,2018.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvi56715/?rfs=iqvred. I suppose it would be fixed in two or three years because Firepower has many other bugs. I could not recommned to buy Cisco Firepower because it is very bugged firewall and fixing known issues has not been finished yet and it took more than a year and the firewall is still bugged.

 
SNMP polling of FTD on Firepower 2100 Series firewalls shows "octeon" for the "sysName" OID
CSCvi56715
 
Symptom:
The SNMP polling of OID .1.3.6.1.2.1.1.5 ("sysName") against the Firepower Threat Defense application returns "octeon" instead of an expected host name.

Conditions:
Firepower Threat Defense running on a Firepower 2100 Series firewall. SNMP polling (any SNMP version) configured in the platform settings policy deployed to the firewall.

Workaround:
None.
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card