ASA#show module sfr details (This will show SFR details including version as well as FMC IP etc)

ASA#show service-policy sfr (This will show all packets forwarded from ASA to SFR as well as if SFR dropping packets)
Note – if you are using ASA in multi context mode, you need to login to context and run above command.

If you see SFR dropping all the packets, you can configure it monitor-only to traffic bypass inline mode to streamline production traffic & troubleshoot SFR issues
ASA(config)# policy-map global_policy
ASA(config-pmap)# class firepower_class_map
sfr {fail-close | fail-open} [monitor-only]

If you want to reload the SFR module
ASA#sw-module module sfr reload

I hope this helps in troubleshooting ASA SFR Issues !!


















0 0 votes
Article Rating
Cisco ASA SFR Module Troubleshooting
Tagged on:         
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x

Discover more from NetworkSecurityGuru

Subscribe now to keep reading and get access to the full archive.

Continue reading