Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
2
Helpful
3
Replies

2 FTD Interfaces in the same FMC security zone

Go to solution
Rene Mueller
Level 5
Level 5

‎07-08-2024 07:34 AM

I have a FTD HA-Pair configured in FMC and it's inernal and external Interface is assigned to a Internal-Security Zone and an External-Security zone. So far so good. Now I added another FTD HA-pair (branch office) to the FMC and asking myself if it is possible to add its Interfaces to the same Security Zones, so that I don't need to add "duplicate" zones. Question is, can I add Interfaces from different HA-pairs to the same Security Zone or is it better to have every FTD-pair use it's own logic and Security Zones.

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎07-08-2024 07:42 AM

@Rene Mueller yes you can configure the interfaces of another FTD with the same security zone.

View solution in original post

Go to solution
Marius Gunnerud
VIP
VIP

‎07-08-2024 09:14 AM

Yes, I have 6 FTDs where I have standardized the interface names and zones so that all my remote office firewall configurations can be streamlined.  So, for example, all my LAN interfaces are a member of INT-ZONE-A and all my Outside interfaces are a member of OUT-ZONE-A.  I have also done the same with VTIs.  I like doing things this way as it makes management  and setup of interface rules much easier and efficient.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎07-08-2024 07:42 AM

@Rene Mueller yes you can configure the interfaces of another FTD with the same security zone.

Go to solution
MHM Cisco World
VIP
VIP

‎07-08-2024 08:19 AM - edited ‎07-10-2024 02:58 AM

Thanks

MHM

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP

‎07-08-2024 09:14 AM

Yes, I have 6 FTDs where I have standardized the interface names and zones so that all my remote office firewall configurations can be streamlined.  So, for example, all my LAN interfaces are a member of INT-ZONE-A and all my Outside interfaces are a member of OUT-ZONE-A.  I have also done the same with VTIs.  I like doing things this way as it makes management  and setup of interface rules much easier and efficient.

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card