Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3116
Views
5
Helpful
3
Replies

Firepower HA Design

JonMoss61263
Level 1
Level 1

‎02-03-2021 08:24 AM

Hi all, i'm looking for some clarification.  We have two firepower 1120 which we want to deploy in HA active/standby configuration.

I have been reading up on my options around interface redundancy, and as far as I can tell we cannot operate with redundant interfaces unless we also have the FMC in the solution.

Please see the attached diagram for reference, is there any other way of achieving the design on the right without an FMC?

Thanks

Preview file
88 KB
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎02-03-2021 08:39 AM

Hi @JonMoss61263 

Correct, you cannot configured redundant interfaces as of FDM 6.7 without an FMC.

What switches are you connecting the FTD's to? Etherchannel is supported on FDM, so if the switches were VSS, VPC of VSW you could use etherchannel.

JonMoss61263
Level 1
Level 1
In response to Rob Ingram

‎02-03-2021 09:35 AM

Thanks for the reply Rob, switches are Meraki MS series, stack of two - I believe they do support LACP

 

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎02-03-2021 08:51 AM

Most my deployment are using FMC, but reading the document with FDM is feasible, check this out. ( i have not got chance to play wit FDM)

 

https://docs.defenseorchestrator.com/Configuration_Guides/Firepower_Threat_Defense_High_Availability/0010_Firepower_Threat_Defense_High_Availability_Pair_Requirements

 

https://www.youtube.com/watch?v=myE8aIgFFeE

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card