cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

390
Views
0
Helpful
3
Replies
ale Beginner
Beginner

Firepower 4100 Multi-Instance and FTD Backup

Hello Everyone

We would like to deploy our 4120 as a Multi-Instance Container to have more flexibility in the future, without the need to get new boxes.
Now in the Multi-Instance Guide and the FTD/FMC6.4 it states that the following features are not supported:

Screenshot 2019-07-04 at 17.59.38.png

 

In FMC System Guide 6.4 under Backup and Restore it states that this is not possible for the FTDv and FTD Container etc etc.

Screenshot 2019-07-04 at 18.00.16.png

What is the correct guideline and what steps are needed to restore FTD containers, also in regards to FTD Container that are part of a HA pair.

Also when is device backup für FTD container coming?

 

Thanks for the help and best regards

Alex

Everyone's tags (4)
3 REPLIES 3
Hall of Fame Guru

Re: Firepower 4100 Multi-Instance and FTD Backup

As of right now that aspect of the feature has not yet matured. Your only option is to record all of the settings used when creating the multiple instances (and associated HA configuration where applicable) and manually re-input them in the event of failure.

I'd expect to see this feature in future releases; but until then this is your only option.

ale Beginner
Beginner

Re: Firepower 4100 Multi-Instance and FTD Backup

Hello Marvin

I was worried that might be the answer to my question.

But how does one go about restoring a HA Pair when one fails... or worse, when both FTD appliances quit there jobs and went on strike? 

 

Also do I have to print screen/note down every interface/routing/HA config? 

 

Thanks for any helpful input

Alex

Hall of Fame Guru

Re: Firepower 4100 Multi-Instance and FTD Backup

Well restoring a failed member HA pair would entail getting the replacement unit bootstrapped and create the instances in standalone, add them to FMC, break the existing HA pair config in FMC and then re-add each instance to its mate.

If both failed, then the process would be similar - just a bit longer.

The policies will still be on FMC and available for deployment. If you have device backups on your FMC you can also leverage those.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here