
ASA 5525X With FirePOWER Setup

Mokhalil82
Level 4

Hi

I have ASA 5525X firewalls with FirePOWER. I have read the deployment guide but just have a few questions. 

The ASAs will be connected to my L3 core switch. I just want to confirm if my understanding of this is correct. This is just the initial setup.

Management VLAN100 on core switch - 192.168.10.1 /24

ASA Interface G1/1 (Mgmt Interface) - 192.168.10.2

FirePOWER Mgmt IP - 192.168.10.3

Route Management 192.168.10.0 255.255.255.0 192.168.10.1

Then I will session into the sfr module to set the management IP of 192.168.10.3

Will that work or am I missing something?

Thanks

1 Accepted Solution

Accepted Solutions

No, the FirePOWER module only works on the m0/0 interface. If that is connected to your mgmt-network, the default-route needs to point to the next L3-interface in that network.


3 Replies

You don't need a route for your directly connected management-network, but your FirePOWER-Module needs a default-route to your L3-Switch 192.168.10.1.

On the ASA, there is no interface Gig1/1, but an interface Gig0/1 that by default is a "normal" traffic-passing-interface or the m0/0, which is the dedicated management-port that doesn't pass any user-traffic.

Thanks Karsten. Yes I meant M0/0 interface. 

Just another question, the route to the inside, does this point via the inside interface for FirePOWER?

Thanks
