Hi Claudiu

Thanks, but I was not able to find any reference to BFD. It only talks about Flex config.

BFD is a configuration under OSPF and BGP routing on the classic ASA as of release 9.6(2).

http://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/general/asa-96-general-config/intro-intro.html

While Flexconfig does allow one to go "under the covers" of the FTD code to modify bits of the Lina configuration (classic ASA code) that are not yet exposed in the FTD GUIs (FirePOWER Device Manager or FirePOWER Management Center), the feature is constrained. Among the constraints are the blacklisting of certain commands.

Relevant to this thread is the fact that BGP and OSPF/OSPFv3 configuration commands are all blacklisted. This is noted in the following:

http://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/flexconfig_policies.html#reference_ztv_qvw_yx

They did not explicitly include the BFD commands; but I am pretty sure they are excluded as well and their not being included inthe blacklist is a documentation oversight as the feature is brand new to ASA.

Hi Marvin

Thanks a lot. What about VRRP/HSRP support?

You're welcome.

Definitely no on the HSRP / VRRP.

FTD does not use the same concept as those first hop redundancy protocols to establish itself as a high availability gateway.

It instead uses the built-in HA capability that gives you a virtual IP that floats between the Primary and Secondary units as they become active.

Hi Marvin

Thanks a lot.

You're welcome. Please rate if the answers helped.