FTD Registration to FMC different subnets

Bbusta — Fri, 21 Feb 2020 18:51:31 GMT

Scenario:

We will be deploying several FTD in different locations.

FMC communication will all be private IPs (No NAT involved). It will be all just different subnets.

FTD --> Router --> Router --> FMC

We followed the deployment guide, FMC seems to be detecting FTD and started to register FTD. It started the registration and we can see that the FTD already sees it as a manager.

FMC was taking awhile registering it and was going back and forth with "Discovery from the device is in progress."

followed by:

"Discovery failed due to communication failure with device. If problem persists after retrying later, contact Cisco TAC."

and then

"Unregistration completed. - Unable to get status message"

Then the registration stopped and FTD shows that its "manager" is now "managed locally.

I have done this before in a layer 2 environment and was straight forward (FMC +FTD same subnet). Never had this issue.

1.) I have read that there would be a need to configure one of the interfaces so that it will be the routed gateway of the Management. But there was no clear detail on this. I couldn't seem to do any configuration on the interfaces without having it registered first with FMC. Any procedure?

2.) And another thing, once we were able to do this stuff on this premise, we will move this to another site and probably need to re-register this to FMC with the new IP on that site. Is there any probable issue on this?

(FMC + FTD 6.1) * will be upgrading via FMC once communication has been established.

Re: FTD Registration to FMC different subnets

Bbusta — Mon, 30 Apr 2018 01:13:12 GMT

Just to update. The FTD 6.1 that I have seems to have some issues. I have deployed the same way on my test lab and all looks fine. Will update this if I find any issues.

topic FTD Registration to FMC different subnets in Network Access Control

FTD Registration to FMC different subnets

Re: FTD Registration to FMC different subnets