Hi Marvin,

Thanks for the reply. 

Actually you have hit the basic point which i have not understood till now.

What is ASA firepower 4110 and what is only firepower 4110. Why there is a ASA word here

Because there is no ASA CLI syntax , GUI , ASDM coming in picture here. I have attached home screen of the box which is delivered at my client place. 

It is a 1U hardware and its written as FPR 4110 on the box also Cisco logo on the box, so i believe is a box with ASA on Firepower 4110.

(What it mean by ASA on firepower 4110?)

I am not able to make interface up, not able to make HA, not able to see where to configure policies, not able to create logical interfaces. i am just playing in scope and create objects but when i am trying to do commit-buffer , it is not saving also by throwing error that "box is configured in standlone mode or something"

I will highly appreciate if you can educate me on this :)

Regards

Rajhans

The Cisco FirePOWER 4100 series is a multi-purpose security services platform that can host either an ASA or FirePOWER Threat Defense (FTD) logical device. (One or the other but never both.) (It can also host a Radware VPro DDOS application but that is MUCH less common.)

Each respective image has its own Quick Start Guide, found here:

http://www.cisco.com/c/en/us/support/security/firepower-4100-series/products-installation-guides-list.html

The graphical interface you see when accessing the chassis via the dedicated management interface is known as FirePOWER Chassis Manager (FCM). It is used to manage primarily the physical appliance and to deploy the logical devices.

Once you deploy an ASA or FTD logical device, you assign physical interfaces (or create and assign Etherchannels) to it, enable them and then proceed to configure the logical devices via their own respective assigned management interface (generally NOT the appliance management interface although you can connect to a logical device command line via an ssh session the appliance.) Subinterface configuration would be within the logical device.

The procedure for deploying logical devices is covered in the FXOS FirePOWER Chassis Manager configuration Guide here:

http://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos211/web-config/b_GUI_ConfigGuide_FXOS_211/logical_devices.html

An ASA logical device is then configured as usual - via cli or ASDM.

An FTD logical device is configured via a local management utility (FirePOWER Device Manager or FDM) or remotely via a FirePOWER Management Center. The latter is the most common as FDM has some limitations.

You need to check the customer order to see which logical device type was specified. You will also need to register the chassis on the Cisoc Smart License portal in preparation for applying licenses to the logical device you install.

Hi,

How are the Firepower security features (Threat, Malware and URL Filtering) configured by running the ASA image on the FPR4110? It is necessary / possible to add the security modules: ASA and FTD simultaneously in the FRP4110? Or does it only support the features of the ASA itself when using your image?

Tks;

Ronaldo

An ASA logical image does not support FirePOWER features.

You can only run a single logical image type on a given chassis. (The 9300 can run multiple logical image instances but they must all be the same type.)

hi Marvin,

Its is possible to configure FTD on 4110 through command line? I have to deploy a cluster in transparent mode with BVIs. I am not even able to create sub-interfaces for these BVIs (through cli).

Can you please help me out here .

Thanks