Solved: Re: Firepower 1140 Multiple WAN ports

00u18jg7x27DHjRMh5d7 · ‎01-27-2022

I'm attempting to configure a Cisco FP 1140 for Failover on 2 ports 1/1 & 1/3 configured with 2 different ISP's I have created an SLA monitor for both.

The Firepower keeps defaulting to the 1/1 port for the WAN connection even with 1/3 port having an active ISP connection and having both ports in the Outside group continues to say no ISP/Gateway connection and when conducting packet trackers when 1/1 is disconnected says outside ports are down.

Will the FP not allow multiple WAN connections?

This is all configured with FTD ---- NOT FMC

Thanks.

Rob Ingram · ‎01-27-2022

@00u18jg7x27DHjRMh5d7 yes you can do this managing the FTD locally using FDM.

If you've setup SLA monitor and the primary ISP connection goes down, what is the operational state?

Is the primary default route removed?

Refer to this example here for more information on configuration and troubleshooting steps.

View solution in original post

Rob Ingram · ‎01-27-2022

@00u18jg7x27DHjRMh5d7 yes you can do this managing the FTD locally using FDM.

If you've setup SLA monitor and the primary ISP connection goes down, what is the operational state?

Is the primary default route removed?

Refer to this example here for more information on configuration and troubleshooting steps.

00u18jg7x27DHjRMh5d7 · ‎01-27-2022

Most of this I had configured ex the Dynamic NAT policy, it looks like its working i can ping outside the network the diagram on home page isn't showing ISP connection but I believe that just shows 1/1 connection only.

Thanks for the assistance