cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
399
Views
10
Helpful
3
Replies
Beginner

Can FMC be connected to an FTD device over a WAN connection with a NAT device in between ?

I am planning to connect a FMC to an FTD device over a WAN connection with a NAT device in between.

Can this work ? If yes, what would be the risks associated with it ?

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advisor

Re: Can FMC be connected to an FTD device over a WAN connection with a NAT device in between ?

Hi

Yes this is possible and you'll need to fill in the nat id field which will be used by fmc with the registration key to build a secure connection.
Features will be the same as registering a ftd without nat.

Take a look here:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Management_Center_Basics.html#ID-2242-00000191

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
3 REPLIES 3
VIP Advisor

Re: Can FMC be connected to an FTD device over a WAN connection with a NAT device in between ?

Hi

Yes this is possible and you'll need to fill in the nat id field which will be used by fmc with the registration key to build a secure connection.
Features will be the same as registering a ftd without nat.

Take a look here:
https://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Management_Center_Basics.html#ID-2242-00000191

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Highlighted
Beginner

Re: Can FMC be connected to an FTD device over a WAN connection with a NAT device in between ?

Thanks.

 

Is it also possible to apply ntp authentication via the management interface ?

VIP Advisor

Re: Can FMC be connected to an FTD device over a WAN connection with a NAT device in between ?

I'm sorry i don't get your question.
FTD uses its management to access ntp which means of you're connecting to a ntp server that requires authentication, it won't change the way the ntp synchronization works.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question