01-27-2024 11:06 AM
Hi,
Is it feasible to have my FMC in HA but with different subnet? If yes, how will the FTD synchronize to the standby FMC when the primary FMC goes down?
Thank you
01-27-2024 11:22 AM
Hi @fatalXerror the FMC configured as a high availability pair do not need to be on the same trusted management network, nor do they have to be in the same geographic location. If the primary fails you must manually promote the secondary.
01-27-2024 11:26 AM
Hi @Rob Ingram , thanks for your help.
Just a follow through question,
1. If it is feasible, should I register also my FTD to the secondary FMC or it is automatically register once you register the FTD to the primary FMC?
2. What would be the expected status of the secondary FMC in the perspective of the FTD's CLI when you issue "show manager"? Will the FTD CLI shows success or pending for the secondary FMC?
thanks
01-27-2024 11:35 AM
@fatalXerror when FMC HA is setup, devices registered to the primary FMC are automatically registered on the secondary. A second sftunnel management tunnel will be created on the FTD to the secondary FMC.
01-27-2024 11:40 AM
what version of FMC - is this Virtual and Appliance ? ( some License requirement may need to look) hope you are running latest then check below guide :
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide