09-10-2019 05:30 AM
I recently purchased 3 of the new Firepower 1010. I am using the on-box management, Firepower Device Manager (FDM), to configure the firewalls. I currently don't have enough FMC licenses to connect the firewalls to FMC at this time. With a Cisco ASA I would simply be able to set security levels on each interface to create a stateful firewall. I would like to accomplish the same thing on the Firepower 1010. Does the Firepower 1010 have a feature that would allow me to configure a stateful firewall using FDM? Honestly, FDM seems pretty bare-bones and I'm not super impressed with it...
Any help is appreciated!
09-10-2019 06:24 AM
Yes, you can use FDM to configure it; the guide below will help you.
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp1010/firepower-1010-gsg.pdf
09-11-2019 07:57 AM
So if I create an inside and an outside security zone and apply them to the appropriate interfaces, all I should need to do is create an Access Control rule to allow inside to outside, and the 1010 should perform state tracking?
I factory reset the device and it looks like that is all it did by default.
09-11-2019 08:12 AM
09-11-2019 08:35 PM
Hi,
There are already default NAT and access control rules configured in FTD for initial traffic to flow.
You'll also need to further tweak the device via FDM.
See this helpful link:
http://ccnpsecuritywannabe.blogspot.com/2019/09/configuring-ftd-623-via-firepower.html
09-12-2019 01:12 PM