Hi All,
I currently have 2 HA pairs of 4200 FTDs, 1 pair located in DC 1 and the other located in DC 2. The firewalls are used to terminate a number of VRFs that we operate within each data centre. All VRFs default to the local firewall. To avoid issues such as asymmetric routing when routing inter-VRF traffic across sites, we need the ability to connect the firewalls together to ensure that ingress and egress traffic stays stateful.
I have done this in the past using a dedicated transit VRF that all firewalls connect to; however, I recently noticed that FTD now supports VXLAN tunnels when configured using FMC, which will allow me to create a virtual connection between the firewalls that we can then use to pass inter-VRF, inter-site traffic. The topology will be similar to the one in the following:
https://www.cisco.com/c/en/us/support/docs/security/secure-firewall-management-center/221043-configure-vxlan-interfaces-on-secure-ftd.html
Has anyone set this up before, and are there any issues or limitations to be aware of? Also, can we use BGP across this in addition to static routing?