FTD 4120 feature question

ymadheka · ‎01-03-2017

Hi Team,

We are working on a RFP and need clarity on below features:

Firewall should support AAA integration via Radius and TACACS. We understand Radius is supported.
Firewall should support and integrate with Two Factor Authentication mechanisms.

Thanks & Regards,

Yogesh Madhekar

Marvin Rhoads · ‎01-03-2017

FTD-based firewalls are all managed via FirePOWER Management Center (FMC). FMC can use LDAP or RADIUS servers but not TACACS.

The 4100 series additionally runs FX-OS for the local logins to the cli and to FirePOWER Chassis Manager (FCM).

FCM can use TACACS: http://www.cisco.com/c/en/us/td/docs/security/firepower/fxos/fxos201/web-config/b_GUI_ConfigGuide_FXOS_201/platform_settings.html#topic_235A8EDB92A9497188AC71BC134B5A54

Two factor authentication is not natively supported in either FMC or FCM but you can use it with your backend RADIUS server and thus get it indirectly.

ymadheka · ‎01-04-2017

Hi Marvin,

Thanks for the reply.

One more thing Does FTD platform support for track or object based failover solution?

Marvin Rhoads · ‎01-04-2017

Not at this time. FTD routing is as of vdersion 6.2 is not quite up to full feature parity with the ASA routing capabilities. We hope to see some enhancements in the upcoming 6.2 release.

pemasirid · ‎12-20-2017

Hi,

Has anyone configured Radius Server on FMC and push that configuration to managed devices.?, I can see on FMC there is an option to configure RADIUS server (under Objects) but that configuration is not able to push to the managed devices, when you configure LDAP is shows under aaa-serve group and just wondering how radius server configuration done in FMC and FTD.

thanks