Cisco Firepower Troubleshoot File Generation Procedures

Similar documents
Image Management. About Image Management

Using the Command Line Interface (CLI)

Getting Started. About the ASA for Firepower How the ASA Works with the Firepower 2100

Logging into the Firepower System

Table of Contents. Cisco WebVPN Capture Tool on the Cisco ASA 5500 Series Adaptive Security Appliance

FTD: How to enable TCP State Bypass Configuration using FlexConfig Policy

Device Management Basics

Integration of FireSIGHT System with ISE for RADIUS User Authentication

Updating to Version 6.2.2

Firepower Management Center High Availability

The following topics describe how to use backup and restore features in the Firepower System:

User Accounts for Management Access

Firepower extensible Operating System (FXOS) 2.2: Chassis Authentication and Authorization for remote management with ACS using RADIUS

Configure WSA to Upload Log Files to CTA System

Device Management Basics

Contents. Introduction. Prerequisites. Requirements. Supported Devices

This document describes Firepower module s system/ traffic events and various method of sending these events to an external logging server.

Configure Firepower Threat Defense (FTD) Management Interface

This document describes the configuration of Secure Sockets Layer (SSL) decryption on the FirePOWER Module using ASDM (On-Box Management).

Configure WSA to Upload Log Files to CTA System

Configuration Import/Export

Use NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454

The following topics explain how to get started configuring Firepower Threat Defense. Table 1: Firepower Device Manager Supported Models

Backup and Restore Introduction

Install a Telepresence Management Suite (TMS) Release Key

Restrictions for Secure Copy Performance Improvement

Device Management Basics

There are two ways for a sensor device to detect the Security Group Tag (SGT) assigned to the traffic:

Lab - Remote Desktop in Windows 8

Configuring Firepower Threat Defense interfaces in Routed mode

Platform Settings for Classic Devices

Classic Device Management Basics

* Knowledge of Adaptive Security Appliance (ASA) firewall, Adaptive Security Device Manager (ASDM).

Deployment of FireSIGHT Management Center on VMware ESXi

System Configuration. The following topics explain how to configure system configuration settings on Firepower Management Centers and managed devices:

FireAMP Connector for Mac Diagnostic Data Collection

Realms and Identity Policies

The instruction in this document is applicable on Cisco FireSIGHT Management Center FS2000 and FS4000 models.

Remote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN

System Administration

License Management for the ASA

Reimage Procedures. Firepower 2100 Series Software Reimage and Disaster Recovery

User Identity Sources

License Management for the ASA

Getting Started. Task Flow. Initial Configuration. Task Flow, on page 1 Initial Configuration, on page 1 Accessing the FXOS CLI, on page 4

PIX/ASA 7.x to 7.x Upgrade a Software Image using ASDM or CLI Configuration Example

Deploy the Firepower Management Center Virtual On the AWS Cloud

Lab - Configure Data Backup and Recovery in Windows 8

Traffic Flow, Inspection, and Device Behavior During Upgrade

Using Cisco Unity Express Software

PIX/ASA: Upgrade a Software Image using ASDM or CLI Configuration Example

Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.2

Cisco Firepower Thread Defence. Claudiu Boar

Getting Started. Access the Console for the Command-Line Interface. Access the Appliance Console

Clientless SSL VPN End User Set-up

Configure FTD Interfaces in Inline-Pair Mode

Install and Configure the TS Agent

Before You Update: Important Notes

Executing PowerShell Agent Commands

Understanding HTTPS to Decrypt it

Clientless SSL VPN Remote Users

Configure Per-User Dynamic Access Control Lists in ISE

Configuring Dynamics GP econnect with Nexonia... 1

Configuration and Operation of FTD Prefilter

Lab - Configure Browser Settings in Windows 8

Lab - Remote Desktop in Windows 7 and Vista

Executing PowerShell Agent Commands

SOURCEFIRE 3D SYSTEM RELEASE NOTES

Configuring Cisco CallManager IP Phones to Work With IP Phone Agent

PIX/ASA: PPPoE Client Configuration Example

Getting Started With the Cisco PAM Desktop Software

The information in this document is based on these software and hardware versions:

Cisco ASA to Firepower Threat Defense Migration Guide, Version 6.2.2

Upgrading the Cisco APIC-EM Deployment

Cisco Prime Network Services Controller 3.0 CLI Configuration Guide

Sharing a Cisco Unity Voice Mail Box between Two or More IP Phones

If necessary, you can also download and install the Cisco Webex Meetings desktop app manually.

Setting Up and Using WebDrive

IM and Presence Service Configuration for SIP Federation

Configure. Background. Register the FTD Appliance

Cisco Traffic Analyzer

Get Started with Cisco DNA Center

SSL VPN Web Portal User Guide

To access the Startup Wizard, choose one of the following options: Wizards > Startup Wizard.

Reimage a Sourcefire Defense Center and FirePOWER Appliance

Fixing Issues with Corporate Directory Lookup from the Cisco IP Phone

User Identity Sources

Certificates for Live Data Standalone

Getting Started. Getting Started with Your Platform Model. Factory Default Configurations CHAPTER

Firepower Threat Defense Remote Access VPNs

Cisco Unified CM User Options

This chapter provides information to help you manage reports. Table 1: Unified CM reports that display in Cisco Unified Reporting

Windows 2000 Safe Mode

Configure the ASA for Dual Internal Networks

Cisco ASA for Firepower 2100 Series Getting Started Guide

Cisco ASA to Firepower Threat Defense Migration Guide, Version 6.2

LAB #5 Intro to Linux and Python on ENGR

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Lab Viewing Wireless and Wired NIC Information

Configuring Administrative Operations

Transcription:

Cisco Firepower Troubleshoot File Generation Procedures Contents Introduction Prerequisites Using the Web Interface of FMC Generate a Troubleshoot File Download a Troubleshoot File Using the Command Line Interface (CLI) Copy a Troubleshoot File with CLI Introduction This document describes how to generate a troubleshoot file on a Cisco Firepower. A troubleshoot file contains a collection of log messages, configuration data, and command outputs. It is used to determine the status of the Firepower hardware and software. If a Cisco engineer requests you to send a troubleshoot file from your Firepower device, you can use the instructions provided in this document. Prerequisites Cisco recommends that you have knowledge of the following products: (FMC) Firepower Threat Defense (FTD) FirePOWER (SFR) service module running on ASA Note: You can use an FMC to generate a troubleshoot file for the management appliance itself, or for any managed devices. The instructions on this document is applicable on an FMC that runs software Version 5.0 or later. Warning: The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Using the Web Interface of FMC Generate a Troubleshoot File Complete these steps in order to generate troubleshoot files: 1. 2. In the version 6.x, navigate to System > Health > Monitor on the management appliance web interface in order to reach the Health Monitor page. In the version 5.x, navigate to Health > Health Monitor on the management appliance web interface in order to reach the Health Monitor page. In order to expand the appliance list and view the appliances with a particular status, click the arrow at the end of the row: Tip: If the arrow at the end of the row for a status level points down, the appliance list for that status appears in the lower table. If the arrow points right, the appliance list is hidden. 3. In the Appliance column of the appliance list, click the name of the appliance for which you want to view details. The Health Monitor Appliance page appears. 4. Click Generate Troubleshooting Files. The Troubleshooting Options pop-up window appears. 5. Check the All Data check box in order to generate a report with all of the possible troubleshooting data, or check the individual check boxes in order to customize your report:

6. Click Generate and the Management Center generates the troubleshoot files. Tip: In version 6.x, in order to monitor the file generation process in task status, navigate to Message Center icon (an option between Deploy and System) > Tasks. In version 5.x, in order to monitor the file generation process in the task queue, navigate to System > Monitoring > Task Status. Download a Troubleshoot File In order to download a copy of your generated troubleshoot file, go to the Task Status page on your FMC. In version 6.x, navigate to Message Center icon ( an option between Deploy and System) > Tasks on the management appliance web interface in order to reach the Task Status page. In version 5.x, navigate to System > Monitoring > Task Status on the management appliance web interface in order to reach the Task Status page. On 6.x: On 5.x:

Once the appliance generates a troubleshoot file, the task status changes to Completed. You can locate the task that corresponds to the troubleshoot files that you generated. Click the Click to retrieve generated files link and follow the browser prompts in order to download the file. The files are downloaded to your desktop in a single.tar.gz file. Using the Command Line Interface (CLI) If you attempt to use the generation method that is described in the previous sections and are unable to access the management appliance web interface, or if there is a connectivity issue between the management appliance and the managed devices, then you will not be able to generate the troubleshoot file. In this case, you can use the CLI of your appliance in order to generate the troubleshoot file. Enter this command on the in order to generate a troubleshoot file: admin@fmc:~$ sudo sf_troubleshoot.pl Starting /usr/local/sf/bin/sf_troubleshoot.pl... Please, be patient. This may take several minutes. Troubleshooting information successfully created at /var/common/xxxxxx.tar.gz Enter this command on FirePOWER devices/modules and virtual managed devices in order to generate a troubleshoot file: > system generate-troubleshoot all Starting /usr/local/sf/bin/sf_troubleshoot.pl... Please, be patient. This may take several minutes. The troubleshoot option code specified is ALL. Troubleshooting information successfully created at /var/common/xxxxxx.tar.gz You can obtain a troubleshoot file directly from your Firepower extensible Operating System (FXOS). To generate a file, you need to connect to the device's management address using Secure Shell (SSH). Once you are in the FXOS CLI, follow the steps below to generate the file: FP4150# connect local-mgmt FPr4150(local-mgmt)# show tech-support fprm detail

Initiating tech-support information task on FABRIC A... Completed initiating tech-support subsystem tasks (Total: 1) All tech-support subsystem tasks are completed (Total: 1[received]/1[expected]) The detailed tech-support information is located at workspace:///techsupport/20170116170843_fp4150_fprm.tar FP4150(local-mgmt)# The fprm keyword generates a troubleshoot file for the Firepower Platform Management. Similarly, the system also allows you to generate troubleshoot files from chassis and security module. FP4150(local-mgmt)# show tech-support? chassis Chassis fprm Firepower Platform Management module Security Module Once a troubleshoot file is generated, you can find it in the workspace. Run the following command to confirm: FP4150(local-mgmt)# dir workspace:/techsupport 1 9912320 Jan 16 17:10:07 2012 20170116170843_FP4150_FPRM.tar Usage for workspace:// 4032679936 bytes total 43540480 bytes used 3784286208 bytes free FP4150(local-mgmt)# Note: If you successfully generate files using all three parameters (fprm, chassis, module), you should see them in the /techsupport directory. Copy a Troubleshoot File with CLI Before you copy a file from FXOS to your computer, ensure the following items: The firewall on your local computer accepts incoming connection over any necessary ports. For example, if you copy a file over Secure Shell, your computer must be allowing connections from any related ports, such as, port 22. You computer must be running the Secure Copy (SCP) service. You can find various SSH/SCP server softwares in the internet. However, Cisco does not provide support for installing and configuring any particular SCP server. Enter this command on the in order to copy a troubleshoot file:

admin@fmc:~$ sudo scp troubleshoot_file_name username@destination_host:destination_folder Enter this command on FirePOWER devices and virtual managed devices in order to copy a troubleshoot file: > system file secure-copy hostname username destination_folder troubleshoot_file Note: In this example, the hostname refers to the name or IP address of the target remote host, the username specifies the name of the user on the remote host, the destination_folder specifies the destination path on the remote host, and the troubleshoot_file specifies the local troubleshoot file for transfer. To copy a troubleshoot file from your to your local computer, run the following command on your Firepower appliance: FP4150(local-mgmt)# copy workspace:/techsupport/filename scp://username@x.x.x.x

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback