https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522485#M1085974 <P>Thanks Marvin.&nbsp; I did see that you can configure these firewalls through Ansible.&nbsp; Through User Data, it sure would be nice to place an initial config on it.&nbsp; &nbsp; It just would be nice to not have to worry about another machine or how to securely connect to the firewall for initial configuration.</P> Wed, 22 Dec 2021 05:15:52 GMT sweigle88 2021-12-22T05:15:52Z https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522413#M1085968 <P>Hi,</P><P>&nbsp;</P><P>We would like to perform various testing on the Cisco Firepower and therefore we would like to stand up a Firepower in AWS.&nbsp; I've created a cloudformation template and subscribed to the firepower aws subscription.&nbsp; I created 4 network interfaces and they are attached to the instance as described in the deployment documents published by cisco for their aws appliance, but it appears to only have one interface in the config that it is using:</P><P><SPAN>&gt; show ip </SPAN></P><P><SPAN>System IP Addresses: </SPAN></P><P><SPAN>Interface Name IP address Subnet mask Method </SPAN></P><P><SPAN>TenGigabitEthernet0/0 outside 100.64.37.81 255.255.255.128 DHCP </SPAN></P><P><SPAN>TenGigabitEthernet0/1 inside 192.168.45.1 255.255.255.0 manual</SPAN></P><P>&nbsp;</P><P>The management interface is not set.&nbsp;</P><P>&nbsp;</P><P>Is there a way to configure this virutal appliance via the command line?&nbsp; It has been a while for me, but I'm used to IOS and configuring via the command line, but all I see is that you need to use a GUI for these firewalls?</P><P>&nbsp;</P><P>thanks</P> Tue, 21 Dec 2021 23:29:17 GMT https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522413#M1085968 sweigle88 2021-12-21T23:29:17Z https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522461#M1085973 <P>"show network" will show the management interface details.</P> <P>Firepower requires using a GUI (API is available for some things). It is usually FMC (a separate centralized server) when running multiple FTD devices but you can also use the local GUI known as Firepower Device Manager. There's also a cloud-based option - CDO.</P> <P><A href="https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/aws/ftdv-aws-gsg/ftdv-aws-fdm.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/aws/ftdv-aws-gsg/ftdv-aws-fdm.html</A></P> Wed, 22 Dec 2021 03:36:36 GMT https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522461#M1085973 Marvin Rhoads 2021-12-22T03:36:36Z https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522485#M1085974 <P>Thanks Marvin.&nbsp; I did see that you can configure these firewalls through Ansible.&nbsp; Through User Data, it sure would be nice to place an initial config on it.&nbsp; &nbsp; It just would be nice to not have to worry about another machine or how to securely connect to the firewall for initial configuration.</P> Wed, 22 Dec 2021 05:15:52 GMT https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522485#M1085974 sweigle88 2021-12-22T05:15:52Z https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522525#M1085976 <P>I've not done it myself but you can automate FTD deployment using Terraform and the like.</P> <P>Have a look at this YouTube series:</P> <P><A href="https://www.youtube.com/watch?v=TvcuXP3Yn-0" target="_blank">https://www.youtube.com/watch?v=TvcuXP3Yn-0</A></P> Wed, 22 Dec 2021 07:11:48 GMT https://community.cisco.com/t5/network-security/ftd-virtual-appliance-in-aws/m-p/4522525#M1085976 Marvin Rhoads 2021-12-22T07:11:48Z