Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1998
Views
5
Helpful
1
Replies

Connect to FMC through outside of FTD

Go to solution
najarian
Level 1
Level 1

‎10-12-2020 01:45 PM

Hi,

I am thinking that if it is possible or not, that I can connect to FMC via NAT configuration on FTD on (specific port/Forwarding ) from the OUTside interface of FTD. is that possible? it means that traffic comes from interface Outside of FTD, and then routed to FMC via the Management interface of FTD?

the reason behind: I don't want to open traffic from Intenet to FMC directly, and I want that FTD was responsible for this connection.

 

thanks

ashkan

Mohammad najarian
CCIE #65604
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-13-2020 12:42 AM

Yes you can do that.

Note that the communications from a managed device to FMC are always encrypted (TLS over tcp/8305). So you could give your remote FMC a public NAT with an ACL on whatever firewall serves it and thus restrict incoming traffic that way as well.

View solution in original post

1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-13-2020 12:42 AM

Yes you can do that.

Note that the communications from a managed device to FMC are always encrypted (TLS over tcp/8305). So you could give your remote FMC a public NAT with an ACL on whatever firewall serves it and thus restrict incoming traffic that way as well.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card