Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2523
Views
1
Helpful
3
Replies

FTD management interface on FP2100

Go to solution
Antonio Macia
Level 3
Level 3

‎11-10-2019 12:29 AM - edited ‎02-21-2020 09:41 AM

Hi,

 

We need to setup an FMC on a different subnet than the FTD management interface so I will configure the gateway on this interface to reach the FMC. At the same time, the management interface will be connected to the same network than the production traffic, so it will have an IP on the same range than the internal firewall interface and also a the same static route towards the internal router like the management interface. Is this supported by FTD? Does the management interface reside on a different VRF?

 

Regards.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to Antonio Macia

‎11-11-2019 09:27 PM

Usually when using the same subnet on management and inside, your default gw on mgmt should be the inside interface. However, if you have a switch connecting both interfaces acting as layer 3 you could setup the gw of your management to be the switch IP as well.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 Replies 3

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎11-10-2019 08:00 PM

Hi

The management and data interfaces can be on the same subnet.
Here the documentation:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-interfaces.html

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Antonio Macia
Level 3
Level 3
In response to Francesco Molino

‎11-11-2019 11:06 AM

Hi Francesco,

 

Thanks for your reply. So I could even have a default route on the management interface of the FP2100 that matches the same default route on the LAN FTD interface, right?

In some document I've read, they suggest to configure the management default GW as the IP of the FTD LAN interface which is kind of strange specially during the initial setup where you need that route to reach the FMC, before configuring the rest of the interfaces.

 

Regards.

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to Antonio Macia

‎11-11-2019 09:27 PM

Usually when using the same subnet on management and inside, your default gw on mgmt should be the inside interface. However, if you have a switch connecting both interfaces acting as layer 3 you could setup the gw of your management to be the switch IP as well.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card