Hi. I haven't been able to find the information.
We're deploying a new virtual FMC that is going to manage 2 FTD devices (2100). This customer doesn't want to give full Internet access to this machine; they say they want to restrict it to certain ports and public IP addresses.
How can I find which URLs/public IP addresses we need to consider? I need a connection to Smart Licensing, since we will be using Smart Licenses for FTD, and I know FMC also needs to consult the cloud for AMP analysis, VDB/Snort updates, Security Intelligence, etc.
I would appreciate it if someone could help us find out which URLs we need to permit, or how we can approach this!
Required ports and access for the Firepower are documented here:
From an allowed URL perspective, I know of a few that the Firepower uses (at least previously):
My recommendation is to remove the FMC from any access restriction rules. I have had trouble with FMC downloading URL Databases when I put it through existing content filters/proxies etc.
I agree with you, but the only ones I have are the ones below:
If you can use wildcards, then try adding .cisco, .sourcefire and .brightcloud to the allow list. The problem with static IP addresses is that the content is mostly stored on AWS or on CDNs, which almost always change.
Though not consolidated, all the URLs can be determined from the 3 documents below:
Thanks a lot, that's very useful.
However, I'm still worried about the connection to the Smart Licensing Portal. FTD devices use Smart Licensing, and FMC will need a connection to the cloud. I've read so many documents about Smart Licensing, but none of them give me information about IP addresses or URLs.
Good solution to resolve the internet restrictions on the FMC server and use Smart Licensing. But this does not resolve the fact that we need to have the FMC with an internet connection to keep the database updated and receive feeds, right?
The URL https://smart-satellite.cisco.com:443 is not accessible.
Is this URL mandatory, or is there any other URL instead of this?