SSH Access to FTD Inside Interface

Chuck Reimer — Tue, 29 Nov 2022 16:48:06 GMT

We are trying to enable SSH access via Platform Settings which is being pushed to 6.6.4 FTD and we are able to login with local accounts but not external accounts. We have an LDAP External Authentication Object defined and use an LDAP base filter to restrict login to our devices. I do see there is an CLI Access Filter which is currently set to "Same as Base Filter" which is accurate for what we would need. Is there any logs or debugging available to see where the failure is?

Re: SSH Access to FTD Inside Interface

Zhicheng Lun — Tue, 13 Dec 2022 03:12:05 GMT

Hi Chuck,

You can refer below link to setup external authentication with LDAP for FMC, FTD login, in below document, it also shows you can use packet capture tool to verify login process. I would recommend you to open a TAC case for further troubleshooting assistance.

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/215538-configure-firepower-management-center-an.html

-----------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.

You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.
-----------------------------------------

Thanks,

topic SSH Access to FTD Inside Interface in Network Security

SSH Access to FTD Inside Interface

Re: SSH Access to FTD Inside Interface