05-29-2021 02:20 AM
Hi,
I need some clarity on FTD, FXOS and FMC.
If I configure TACACS+ for FCM and RADIUS for FMC, which authentication method would FTD use?
Recently I removed the TACACS+ configuration for FCM, so I am not able to log in to FTD with AAA credentials. I can log in to FTD with local credentials only.
If FTD works based on the FCM AAA config, which services would be inherited from FCM to FTD and from FMC to FTD?
05-29-2021 10:06 AM
Management of FTD does not use the FCM AAA configuration.
FTD external authentication is configured under the platform settings policy. https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/platform_settings_for_firepower_threat_defense.html
FTD external authentication supports LDAP or RADIUS.
TACACS+ is not supported for FTD or FMC external authentication; only FCM supports TACACS+ for external authentication.
05-30-2021 09:30 PM
But when I removed the FXOS TACACS+ AAA authentication, I am not able to log in to FTD with AAA credentials, and FTD has not inherited the AAA configuration from the FMC RADIUS platform settings either. But I can log in to FTD with local credentials.