cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

894
Views
0
Helpful
7
Replies

FMCv remotely managing an FTD

Hi Everyone!

 

Is it possible to manage via FMCv several remote FTDs or must the FMCv be deployed on the same LAN as the FTDs?

Today I have devices on different clients with FDM and wanted to manage them via FMCv.

 

Thanks!

7 REPLIES 7
Rob Ingram
VIP Mentor

Hi,
Yes you can manage remote FTDs from FMCv, they do not need to be on the same LAN. The FTD's will obviously need a management IP address that is able to reach the FMC.

HTH

So for reach the device is only for the manegement interface? If I try manage via outside interface is possible? Because today my management interface isn't configured.

Unfortunately no, communication is between the FTD's management interface and the FMC and is mandatory. Reference here.

 

HTH

One doubt, today the FTD is all configured via FDM, if I put FMCv it will lose the configuration, so I back the FDM backup image would be possible via the Mangement interface? Would it always be online?

 

Thanks!

If converting from FDM managed to FMC, you could just wipe the config by temporarily changing the firewall mode from routed to transparent and then back to routed. More information here. I don't believe it resets the management interface IP address (I don't have an FTD to check right now), but you may wish to confirm before doing it on a remote FTD.

I have read the site you submitted and understand that when I switch FTD to another mode, I will lose all previously configured features.

If you follow those instructions to change from routed to transparent and back to routed mode, this removes the configuration including the data interfaces configuration. The management interface configuration (IP address/gateway) is NOT reset. I tested in the lab and completed the entire process by connecting to the management IP using SSH.

 

After the configuration has been reset, you can then configure the FMC as the manager.

 

HTH

Create
Recognize Your Peers
Content for Community-Ad