04-07-2019 08:13 PM - edited 02-21-2020 09:01 AM
Hi All,
It is our first time deploying FTD+FMC. Coming from years of ASA deployment experience, I am getting very frustrated at how difficult this change is. Does anyone else think that way?
How do I do a simple ping/connectivity test from the GUI of the FMC?
I know I can do that by logging into the FTD CLI, but that is not quite the way for me to do basic troubleshooting.
Or how do I do a packet tracing path like the ASA GUI?
In terms of ACLs: do I group all of my basic L3 deny/allow subnet/port ACLs together with all L7 rules? It is such a mess.
If I have 10-15 interfaces on my FTD, with 5-10 rules (L3+L7 rules), the access policy page is a big gigantic mess. Someone please enlighten me, or what is your way of doing it?
I am tempted to re-image the whole FTD to the ASA image, since I'm using a 2100 Firepower, if I am not getting the hang of this mess!
Appreciate any help.
04-07-2019 10:40 PM
How do I do a simple ping/connectivity test from the GUI of the FMC?
Devices --> Device Management --> click on the tools next to the FW --> Advanced Troubleshooting --> Threat Defence CLI. This performs a ping command from the Threat Defence appliance, not the FMC.
How do I do a packet tracing path like the ASA GUI?
Next tab: Packet Tracer. You may check the Capture w/Trace.
Someone, please enlighten me, or what is your way of doing it?
I am using rule categories based on the use of each ACL.
Hope all this helps. I know it is a bit confusing at first, but give it some time.
04-26-2019 06:56 PM