Beginner

FTD (2110) routed mode with single interface in transparent mode

I am replacing my SonicWall with FMC (6.3.0.3)/FTD 2110s (6.2.3.13) and am trying to configure a "transparent mode" interface.

I am in routed mode; 1/1 is my WAN (192.1.1.1/24). I'd like interface 1/8 to be in transparent mode DMZ, so I don't have to worry about NAT'ing the devices, but it still gives me all the protections given any DMZ/LAN segment.

Please point me in the right direction and terminology so I can get my new FWs configured.


TIA -


Accepted Solutions
Beginner

Re: FTD (2110) routed mode with single interface in transparent mode

Looks like Cisco may call this "Identity NAT" - does that sound right?

Anyone have examples/videos?

Beginner

Re: FTD (2110) routed mode with single interface in transparent mode

Ended up being a bug in the FMC code (6.3.0.3).

When objects do not show up in the dropdowns or in the object search, you need to clear the cache on the FMC.

Access CLI of the FMC

    > expert mode
    root@FMC:~# sudo su -

    # Clear the cache folder
    root@FMC:~# rm -r /var/opt/CSCOpx/MDC/search/

    # Restart the service
    root@FMC:~# pmtool restartbyid DCCSM

    “Wait for cache to rebuild and services to start”

    pmtool status | grep -i gui
    mysqld (system,gui,mysql) - Running 5041
    httpsd (system,gui) - Running 28239
    sybase_arbiter (system,gui) - Waiting
    vmsDbEngine (system,gui) - Running 5047
    ESS (system,gui) - Running 5086
    DCCSM (system,gui) - Running 17994
    Tomcat (system,gui) - Running 17995
    VmsBackendServer (system,gui) - Running 17996
    mojo_server (system,gui) - Running 28252
    root@FMC:~#
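
An added example, not part of the original post or of Cisco's tooling: a small shell filter for the `pmtool status` check above that lists gui-group processes not yet in the Running state, so the wait after the restart has a clear end condition. The line format is assumed from the output quoted in the post; the function name `gui_not_running` and its ignore-list arguments are hypothetical.

```shell
#!/bin/sh
# Added example. Assumed line format, taken from the output quoted in the post:
#   name (group,group,...) - State [PID]

# Status lines copied from the post, used here as offline sample input.
SAMPLE_STATUS='mysqld (system,gui,mysql) - Running 5041
httpsd (system,gui) - Running 28239
sybase_arbiter (system,gui) - Waiting
vmsDbEngine (system,gui) - Running 5047
ESS (system,gui) - Running 5086
DCCSM (system,gui) - Running 17994
Tomcat (system,gui) - Running 17995
VmsBackendServer (system,gui) - Running 17996
mojo_server (system,gui) - Running 28252'

# gui_not_running [IGNORED_NAME...]
# Reads status lines on stdin and prints "name state" for every gui-group
# process whose state is not Running. Names passed as arguments are skipped,
# for processes the operator has decided may legitimately sit in another state.
gui_not_running() {
    ignore=" $* "
    while IFS= read -r line; do
        # Keep only lines that look like "name (...gui...) - State".
        case $line in
            *"("*gui*")"*" - "*) ;;
            *) continue ;;
        esac
        name=${line%% *}        # first word is the process name
        state=${line##* - }     # text after the last " - "
        state=${state%% *}      # drop the trailing PID, if any
        case $ignore in
            *" $name "*) continue ;;
        esac
        [ "$state" = "Running" ] || printf '%s %s\n' "$name" "$state"
    done
}

# On the FMC (expert mode, as root) the live check would be:
#   pmtool status | gui_not_running
# Offline, against the sample copied from the post:
printf '%s\n' "$SAMPLE_STATUS" | gui_not_running
```

Run against the post's own output, this reports only `sybase_arbiter Waiting`; empty output means every listed gui process is Running.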

Beginner

Re: FTD (2110) routed mode with single interface in transparent mode

Why aren't the FTDs on 6.3.0.3 or 6.4.0.4 code? Why still 6.2.3? You lose some functionality that 6.3 and even more so 6.4 provides... just wondering why you didn't update first?
