Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1031
Views
2
Helpful
4
Replies

FTD HA Standby IP Addresss

Go to solution
taro75
Level 1
Level 1

‎10-16-2023 09:36 AM

I am settings up FTD2110 in HA using FDM (web console). Is it mandatory to define standby IP address for each interface in HA?

If I have to monitor both firewalls in NMS, can I achieve this by assigning standby IP address?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP
In response to taro75

‎10-16-2023 09:47 AM

@taro75 correct, you'd need a standby IP address to monitor the FTD via NMS.

"Without a standby IP address, the active unit cannot perform network tests to check the standby interface health; it can only track the link state. You also cannot connect to the standby unit on that interface for management purposes."  from the same link above.

View solution in original post

4 Replies 4

Go to solution
MHM Cisco World
VIP
VIP

‎10-16-2023 09:41 AM

Yes 

You need to config IP for standby unit interfaces 

0 Helpful

Go to solution
Rob Ingram
VIP
VIP

‎10-16-2023 09:42 AM - edited ‎10-16-2023 09:45 AM

@taro75 it's not mandatory, but you can only monitor an interface if you configure standby IP addresses for it.

https://www.cisco.com/c/en/us/td/docs/security/firepower/710/fdm/fptd-fdm-config-guide-710/fptd-fdm-ha.html

Configure Standby IP and MAC Addresses

When you configure your interfaces, you can specify an active IP address and a standby IP address on the same network. Although recommended, the standby address is not required

Go to solution
taro75
Level 1
Level 1
In response to Rob Ingram

‎10-16-2023 09:44 AM

OK, that means if I have to monitor both firewalls on NMS (network monitor systems) I can achieve this by defining standby IP address. Am I correct?

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to taro75

‎10-16-2023 09:47 AM

@taro75 correct, you'd need a standby IP address to monitor the FTD via NMS.

"Without a standby IP address, the active unit cannot perform network tests to check the standby interface health; it can only track the link state. You also cannot connect to the standby unit on that interface for management purposes."  from the same link above.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card