12-16-2024 05:17 AM
I currently have 2 sites, and each site has (2) FTDs in active/passive failover. When looking at the Platform Settings, they both share a single policy. I need to add another policy for each pair to change their syslog server settings to go to different syslog servers. When I create a "Threat Defense Settings" policy and add an HA to it, I am presented with the following message:
Following device have an existing platform setting or a DNS value configured by CLI. Do you want to replace the existing configuration?
How can I determine which setting(s) would be modified? Is there a potential for taking the pair offline?
12-16-2024 05:26 AM
@jberrios it is unlikely to impact transit traffic, as the Platform Settings policy applies settings applicable to the FTD itself. If your new Platform Settings policy does not include DNS settings and the existing one does, you would probably want to ensure you define DNS servers and any other settings.
Why do you need to create a new policy? Can you not amend the existing policy that is applied with the syslog servers?
12-16-2024 08:14 AM
@Rob Ingram, is it possible to specify multiple syslog servers within the same policy and direct each pair to specific syslog servers?
12-16-2024 08:19 AM
@jberrios not if they share the same policy.
12-16-2024 05:58 AM
There is config replication from active to standby, and there is some little config that does not replicate.
A different syslog config is replicated, so what you try to do will not work.
MHM
12-16-2024 06:04 AM
In addition to what @Rob Ingram correctly mentioned, you can preview the deployment changes before clicking the final confirmation button.