It is our first time deploying FTD+FMC. Coming from years of ASA deployment experience, I am getting very frustrated with how difficult this change is. Does anyone else think that way?
How do I do a simple ping/connectivity test from the GUI of the FMC?
I know I can do that by logging into the FTD CLI, but that is not quite the way for me to do basic troubleshooting.
Or how do I do a packet tracing path like the ASA GUI?
In terms of ACLs: do I group all of my basic L3 deny/allow subnet/port ACLs together with all L7 rules? It is such a mess.
If I have 10-15 interfaces on my FTD, with 5-10 rules (L3+L7 rules), the access policy page is a big gigantic mess. Someone please enlighten me, or what is your way of doing it?
I am tempted to re-image the whole FTD to the ASA image, since I'm using a 2100 Firepower, if I am not getting the hang of this mess!
Appreciate any help.
How do I do a simple ping/connectivity test from the GUI of the FMC?
Devices --> Device Management --> click on the tools next to the FW --> Advanced Troubleshooting --> Threat Defence CLI. This performs a ping command from the Threat Defence appliance, not the FMC.
How do I do a packet tracing path like the ASA GUI?
In the next tab, Packet Tracer, you may check the Capture w/Trace.
Someone, please enlighten me, or what is your way of doing it?
I am using rule categories based on the use of each ACL.
Hope all this helps. I know it is a bit confusing at first, but give it some time.