We would like to deploy our 4120 as a Multi-Instance Container to have more flexibility in the future, without the need to get new boxes.
Now in the Multi-Instance Guide and the FTD/FMC6.4 it states that the following features are not supported:
In FMC System Guide 6.4 under Backup and Restore it states that this is not possible for the FTDv and FTD Container etc etc.
What is the correct guideline and what steps are needed to restore FTD containers, also in regards to FTD Container that are part of a HA pair.
Also when is device backup für FTD container coming?
Thanks for the help and best regards
As of right now that aspect of the feature has not yet matured. Your only option is to record all of the settings used when creating the multiple instances (and associated HA configuration where applicable) and manually re-input them in the event of failure.
I'd expect to see this feature in future releases; but until then this is your only option.
I was worried that might be the answer to my question.
But how does one go about restoring a HA Pair when one fails... or worse, when both FTD appliances quit there jobs and went on strike?
Also do I have to print screen/note down every interface/routing/HA config?
Thanks for any helpful input
Well restoring a failed member HA pair would entail getting the replacement unit bootstrapped and create the instances in standalone, add them to FMC, break the existing HA pair config in FMC and then re-add each instance to its mate.
If both failed, then the process would be similar - just a bit longer.
The policies will still be on FMC and available for deployment. If you have device backups on your FMC you can also leverage those.