Solved: Cisco Firepower 2100 FTD 6.3 with VPNs

l.escartin · ‎02-13-2019

Hello friends,

Is it possible to configure VPNS (site to site & anyconnect) on a Firepower 2130 NGFW with FPR2130 Threat Defense Threat, Malware and URL License (FTD 6.3)?

Marvin Rhoads · ‎02-14-2019

As @Rob Ingram noted it is supported. I have several with just that.

You will also need an AnyConnect smart license (either Plus, Apex or VPN-only) for the remote access VPN.

View solution in original post

Rob Ingram · ‎02-13-2019

Hi,
Yes, both Site-to-Site (Hub-and-Spoke and Point-to-Point) and Remote Access VPN's (AnyConnect) are supported on FTD 6.3

HTH

Marvin Rhoads · ‎02-14-2019

As @Rob Ingram noted it is supported. I have several with just that.

You will also need an AnyConnect smart license (either Plus, Apex or VPN-only) for the remote access VPN.

mladachwi07 · ‎02-21-2019

The FTD's are capable of site to site and remote access VPNs. Be aware that only basic functionality of AnyConnect is supported on the FTD's. The FTD's do not support advanced AnyConnect features such as Posture, NAC, or ISE integration. I was told by Cisco that a lot of customers are asking for this, but these features are not on the FTD roadmap. If you want to use AnyConnect on the FTD, the Plus license is all you need - the additional features included with the Apex license are not available on the FTD platform.

We learned this the hard way with our 2110's. They have since been replaced by ASA's with FirePower services for remote-access.