Re: Cisco Firepower Management Center (FMC) Configuration

sumedh0991 · ‎02-12-2025

Hello Community,

I have configured my Cisco Firepower Management Center (FMC) using the UI. Now I want to retrieve these configurations using any of the following methods,

CLI
API
File Export

Also, I want to verify whether my device setup is correct.

Any guidance would be greatly appreciated.

Thanks!

Marvin Rhoads · ‎02-12-2025

FMC backups are done via the backup scheduling feature in the GUI. You can save backups locally on the FMC and copy them off to an external location as you like to setup a remote storage target so that the backups go there automatically. The backups are tar.gz files and not really easily human-readable though.

"Correct" varies widely according to what your requirements are.

anuoluwapo-bankole · ‎03-28-2025

Hello Mr. Marvin,

Why are we having N/A or manage under the chassis in FMC? Some will have the device's name under the chassis.

Example:

Marvin Rhoads · ‎03-28-2025

There are multiple modes of chassis and logical device across the different hardware platforms. You are seeing an artifact of that in your screenshots.

anuoluwapo-bankole · ‎03-28-2025

Hello sir,

Are you saying it's a normal thing to see such under your chassis in FMC

Marvin Rhoads · ‎03-28-2025

Yes - completely normal and not a cause for concern.

anuoluwapo-bankole · ‎03-28-2025

Hello Sir,

So, why do we have different outputs for the various FTD devices in the chassis column, and what do you think the correct settings should be?

Marvin Rhoads · ‎03-30-2025

It's not a matter of you making settings. It's just a reflection that some platforms offer a separate chassis management function and others do not. Bottom line is that is is not anything that affects the device passing traffic and is generally not anything you need to be concerned about how it looks.

Marvin Rhoads · ‎04-02-2025

@anuoluwapo-bankole

The cosmetic bug on the 1000 series is fixed in 7.7.0 (and should be included in the upcoming 7.6.1).

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj80790

sumedh0991 · ‎03-31-2025

Thanks Marvin for the reply,

I'm not worried about the backup of the device.

I want the configuration to be fetched from the via command like "show running-config" that we used to do in the other Cisco devices or API.

Marvin Rhoads · ‎04-02-2025

@sumedh0991 are you asking about FTD device backup? You can get that via "show running-config" but it will not be 100% complete as it references objects that are not stored in human-readable plain text but rather as database entries. Same thing for the IPS rules, Security Intelligence lists etc.