Default Settings for Interfaces
This section lists default settings for interfaces.
Default State of Interfaces
The default state of an interface depends on the type.
-
Physical interfaces—Disabled. The exception is the Management interface that is enabled for initial setup.
-
Redundant Interfaces—Enabled. However, for traffic to pass through the redundant interface, the member physical interfaces must also be enabled.
-
VLAN subinterfaces—Enabled. However, for traffic to pass through the subinterface, the physical interface must also be enabled.
-
EtherChannel port-channel interfaces (ISA 3000)—Enabled. However, for traffic to pass through the EtherChannel, the channel group physical interfaces must also be enabled.
-
EtherChannel port-channel interfaces (Firepower and Secure Firewall models)—Disabled.
Note | For the Firepower 4100/9300, you can administratively enable and disable interfaces in both the chassis and in the management center. For an interface to be operational, the interface must be enabled in both operating systems. Because the interface state is controlled independently, you may have a mismatch between the chassis and management center. |
Default Speed and Duplex
By default, the speed and duplex for copper (RJ-45) interfaces are set to auto-negotiate.
By default, the speed and duplex for fiber (SFP) interfaces are set to the maximum speed, with auto-negotiation enabled.
For the Secure Firewall 3100/4200, the speed is set to detect the installed SFP speed.