Firepower Management

adamgibs7
Level 6

Dears,

I am replacing the legacy firewall with a new 55XX-X. I have migrated the configuration but not brought it live. I have some questions below.

Management 0/0 is on a different IP address than the inside interface; inside and management both connect to the core switch, where routing happens between them. Is this OK from a design perspective?

If I want to download Firepower updates, it is the FireSIGHT that goes to the Internet and gets the update, and then it will be deployed from the FireSIGHT system to Firepower. Please correct me if I am wrong.

I have not brought up the inside, outside, and DMZ interfaces of the ASA because they will conflict with the IPs of the existing live ASA, so I will connect the management port to the network and try to add the realm (AD servers) to start working with the user agent. Will all communication between the Firepower and AD be through the management port of the Firepower?

thanks


yogdhanu
Cisco Employee

Hi

You can do it. Firepower will communicate via the management port (the ASA and Firepower share the same physical management port).

This article about different scenarios might help.

http://www.cisco.com/c/en/us/support/docs/security/ips-sensor-software-version-71/113690-ips-config-mod-00.html

Thanks

Yogesh
