Re: FTD/FMC Basic Questions

network@bigbenkuwait.com · ‎09-14-2017

Hello Guys,

Following are basics, but I'm new to the FTD/FMC, just have a quick questions:

I've FTD 4100 series managed by FMC.

FTD image is used on FP4100.

1. How can i do ping test from the firewall.

Is it through FMC or FTD?

CLI/GUI?

2. If i'm creating a dynamic routing protocol such as OSPF.

How can i troublshoot it? FMC or FTD?

CLI/GUI?

How can i check the status of ospf? neighbors?....etc

3. How can i do packet tracer (same as old ASA)? is it available?

4. If i'm doing a connection test between servers behind the firewall, how can i see the real time logs for troublshooting what is going on?

Thanks in advance.

Regards

Marvin Rhoads · ‎09-19-2017

1. FTD cli.

2. Most of the show commands you are used to from ASA code are still available on the FTD cli.

3. packet-tracer utility is available from both the sensor (FTD) cli and FMC GUI. In the GUI it is under "System > Health > Monitor". Select the sensor there and then Advanced Troubleshooting (requires FMC 6.2 or later). Note you can remotely execute cli commands from this same location.

4. The connection events table is the best place to start (Analysis > Connections > Events). Filter the source or destination IP address and you will have a good view of the traffic through the device. Drop to packet-tracer or capture if needed for more in-depth troubleshooting.

davsnet2000 · ‎02-25-2022

Marvin, how is the ACTION column used? When it says "Allow" does it mean that it is currently blocked and you can allow the traffic or is the ALLOW mean it's currently being allowed?

Marvin Rhoads · ‎02-26-2022

@davsnet2000 the ACTION column is the record of what action was actually taken by the device. So ALLOW means that the connection was allowed.