Guest

Preview Tool

Cisco Bug: CSCvt13730 - FP1010 / 2100 - FTD: Management port down/down after FTD upgrade to release 6.6.0

Last Modified

Sep 24, 2020

Products (1)

  • Cisco Firepower 9300 Series

Known Affected Releases

2.8(1.105) 9.14(0.70) 9.14(1.11) r281 r291

Description (partial)

Symptom:
The dedicated management interface on FP1000/2000 series is down/down state if connected to a switch port that is FastEthernet (100Mbps) or Ethernet (10Mbps).

From /ngfw/var/log/messages 

May 17 15:14:08 FTD2110 SF-IMS[8260]: [8393] sftunneld:tunnsockets [INFO] Started listening on port 8305 IPv4(10.5.5.66) management0
May 17 15:14:47 FTD2110 SF-IMS[8260]: [8260] sftunneld:sftunnel_config [INFO] Management Interfaces are not properly configured
May 17 15:14:59 FTD2110 SF-IMS[24427]: [24427] sftunneld:sftunnel_config [INFO] IPv4 is  10.5.5.66  (key '10.5.5.66') on management0
May 17 15:14:59 FTD2110 SF-IMS[24427]: [24427] sftunneld:sftunnel_config [INFO] Management Interfaces configuration changed
May 17 15:14:59 FTD2110 SF-IMS[24427]: [24427] sftunneld:sftunnel_config [INFO] Management Interfaces are not properly configured
May 17 15:15:59 FTD2110 SF-IMS[28112]: [28112] sftunneld:sftunnel_config [INFO] IPv4 is  10.5.5.66  (key '10.5.5.66') on management0
May 17 15:15:59 FTD2110 SF-IMS[28112]: [28112] sftunneld:sftunnel_config [INFO] Management Interfaces configuration changed

However, ethtool still show  Link is up but no link light when physically inspecting the port 

FTD2110 :/ngfw/var/log# ethtool mana
Settings for management0:
        Link detected: yes

Conditions:
FP1000/2000 appliance running FTD

FP1000/2000 management port connected to:
-> Ethernet or FastEthernet switch port
-> GigabitEthernet switch port set to 100 or 10Mbps speed


FXOS show the FTD mgmt interface 1Gbps but on the switch its connected to its 100Mbps (max) 

FTD2110 /fabric-interconnect/mgmt-interface # show detail 

Management Interface:
    Port Name: Management1
    Admin State: Enabled
    Oper State: Down
    Admin Speed: 1 Gbps
    Oper Speed: Indeterminate
    Admin Duplex: Full Duplex
    Oper Duplex: Half Duplex
    MTU: 1500
    Current Task 1:
    Current Task 2:

FTD code upgraded from any version to release 6.6.0.90

Related Community Discussions

FPR 1120 : Management Port is working only at Gig speed. No link on 100Mb port - FTD 6.6 /6.5
Hi. I'm currently engaged with TAC regarding a defect on FTD 6.6 / FPR1120.   Seems there's something wrong... in 6.4: Management port is working at both 100Mb/sec and Gig Speed. in 6.5 : Management port is working only at Gig speed during reimage and subsequent reboot unless you power off completely the FPR1120, remove power, wait 20 seconds and cold start. Works correctly afterwards. in 6.6 : Management port is working only at Gig during reimage. Do not work at 100Mb/sec at all, even after reboot, ...
Latest activity: Jul 10, 2020
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.