FDT Deployment

Learnercisco · ‎08-20-2022

Hi tech people,

I have deployed the active/standby FTD with FMC behind the NAT Routers(Internet edge router). My FTDs are in Route Mode. I want to use the ftd as a NGFW firewall to protecting my LAN and upstream router. In this scenario my routing is working and user can use the Internet but I observed that my policies are not working to block the desire traffic through the firewall. Do I need to do somen changes in design or I can protect my system using intrusion prevention with balance security in place. You suggestion will be high appreciated.

Thanks for your support.

balaji.bandi · ‎08-21-2022

 but I observed that my policies are not working to block the desire traffic through the firewall

what is the version of FTD, is this managed by FMC ? what traffic example, Hope you have a Licensed for IPS.

some reference :

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/configuration/guide/fpmc-config-guide-v70/threat_defense_service_policies.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎08-21-2022

may be FTD prefilter policy allow all traffic pass through FTD ?

Meddane · ‎08-21-2022

If you want to understand and diagnostic your issues You need to master two things on FTD:

-packet flow on FTD through different policies and the logic of each policy: prefilter policy, SSL Policy, Access Control Policy, File policy and Intrusion policy.

-understand the log analysis through the event viewer on FMC.

I advice to go through the two points listed above.

Best regards

Redouane

Meddane · ‎09-30-2022

If you want to understand and diagnostic your issues You need to master two things on FTD:

-packet flow on FTD through different policies and the logic of each policy: prefilter policy, SSL Policy, Access Control Policy, File policy and Intrusion policy.

-understand the log analysis through the evekt viewer on FMC.

I advice to go through the two points listed above.

Best regards

Redouane