06-20-2017 11:03 PM - edited 03-12-2019 06:16 PM
Hi guys,
We just started using an ASA5506-X with FTD 6.2.0 installed, running in a lab environment, but with the intention of moving to production. We have all the connectivity needs up and running, but I am finding the GUI to be very limited in possibilities compared to ASDM.
We have several PPTP VPN connections that have to be made for remote support, but outbound PPTP is not working. When trying to change the policy-map global_policy, I don't have the option to add inspect PPTP. What do we have to do to get this working?
Another thing I am missing is SNMP monitoring. I have been through the GUI and CLI but cannot find any option to allow SNMP monitoring on any interface.
Thoughts?
06-21-2017 12:37 AM
The FirePOWER Device Manager (FDM) on-box management is limited by design. Cisco positions it for the use case of simple basic setup. For enterprises or advanced users they recommend FirePOWER Management Center (FMC).
FMC allows you to create FlexConfigs which can be deployed to the FTD device to manage elements of the configuration (specifically the legacy ASA code, also known as Lina) that aren't exposed directly in the GUI yet. You can change protocol inspection policies that way.
SNMP monitoring can be set from the FMC GUI under Devices > Platform Settings as shown below:
06-22-2017 09:52 AM
SNMP is not an issue. PPTP doesn't seem to be working in any NAT configuration; more than this, it's not matched by security policies as it's matching the default tunnel policy. Any ideas?
06-23-2017 05:27 AM
Were you able to create and deploy a FlexConfig to inspect pptp?