Configuring a Firepower 1120 via the API? NO FMC present.

Chris Schroeder · ‎03-16-2021

We have the following hardware:

Model Cisco Firepower 1120 Threat Defense Software 6.6.1-91 VDB
341.0 Intrusion Rule Update

I have a general questions about how things are labeled with Firepower.

FDM=Firewall Device Manager. Since we have a hardware Firepower 1120 box, we can use either the CLI or the Firewall Device Manager (which is just the default web interface for the hardware) to configure the box.

FTD=Firewall Threat Defense -- I don't know if this is a concept, an interface or service or just another confusing name. I don't know what "FTD" is in relation to the default web configuration (FDM).

FMC=Firewall Management Console -- Separate software that runs on a server and allows you to manage multiple FTD chassis as well as other configurations such as high availability. It costs more, and we do not have it. I have seen the software image available for download on Cisco's software library.

I want to use the API to configure my Firepower 1120. The web interface for this hardware (once again called FDM) has a section on it that allows you to generate different API strings. Documentation for the 1120 says that the API is enabled by default. However, I cannot find the configuration option in the CLI or the FDM that enables or disables the API.

Key question: Can I use the API (via curl or powershell) to configure my Firepower 1120 if I do NOT also have an FMC?

Rob Ingram · ‎03-16-2021

Hi @Chris Schroeder

Yes you can use the API via curl or python to configure FDM.

Reference here:

https://developer.cisco.com/site/ftd-api-reference/