Cisco Community
English
Register
We're here for you! LEARN about free offerings and business continuity best practices during the COVID-19 pandemic
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
360
Views
0
Helpful
3
Replies
Highlighted
Antonio Macia
Antonio Macia Participant
Participant
‎11-10-2019 12:29 AM
‎11-10-2019 12:29 AM

FTD management interface on FP2100

Hi,

 

We need to setup an FMC on a different subnet than the FTD management interface so I will configure the gateway on this interface to reach the FMC. At the same time, the management interface will be connected to the same network than the production traffic, so it will have an IP on the same range than the internal firewall interface and also a the same static route towards the internal router like the management interface. Is this supported by FTD? Does the management interface reside on a different VRF?

 

Regards.

Labels:
Everyone's tags (2)
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Francesco Molino
VIP Advisor Francesco Molino VIP Advisor
VIP Advisor
‎11-11-2019 09:27 PM
‎11-11-2019 09:27 PM

Re: FTD management interface on FP2100

Usually when using the same subnet on management and inside, your default gw on mgmt should be the inside interface. However, if you have a switch connecting both interfaces acting as layer 3 you could setup the gw of your management to be the switch IP as well.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
Reply
3 REPLIES 3
Highlighted
Francesco Molino
VIP Advisor Francesco Molino VIP Advisor
VIP Advisor
‎11-10-2019 08:00 PM
‎11-10-2019 08:00 PM

Re: FTD management interface on FP2100

Hi

The management and data interfaces can be on the same subnet.
Here the documentation:
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/fdm/fptd-fdm-config-guide-610/fptd-fdm-interfaces.html

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Reply
Highlighted
Antonio Macia
Antonio Macia Participant
Participant
‎11-11-2019 11:06 AM
‎11-11-2019 11:06 AM

Re: FTD management interface on FP2100

Hi Francesco,

 

Thanks for your reply. So I could even have a default route on the management interface of the FP2100 that matches the same default route on the LAN FTD interface, right?

In some document I've read, they suggest to configure the management default GW as the IP of the FTD LAN interface which is kind of strange specially during the initial setup where you need that route to reach the FMC, before configuring the rest of the interfaces.

 

Regards.

0 Helpful
Reply
Highlighted
Francesco Molino
VIP Advisor Francesco Molino VIP Advisor
VIP Advisor
‎11-11-2019 09:27 PM
‎11-11-2019 09:27 PM

Re: FTD management interface on FP2100

Usually when using the same subnet on management and inside, your default gw on mgmt should be the inside interface. However, if you have a switch connecting both interfaces acting as layer 3 you could setup the gw of your management to be the switch IP as well.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
Reply
Latest Contents
AnyConnect Syslog Configuration Example
Created by pcarco on 04-07-2020 10:54 AM
0
5
0
5
This article is intended to be a simple example of configuring AnyConnect relevant syslog messages to be sent from the ASA to a Syslog server.  The syslog server in this example is Spunk but almost any syslog server should be do the job.   The ... view more
NGFW Sprint 2020 Release is Here!
Created by suhegade on 04-07-2020 02:48 AM
0
0
0
0
NGFW Spring 2020 Releases   It’s official! FTD 6.6, ASA 9.14.1, and FXOS 2.8 have been released. We want to thank the hundreds of team members for the tens of thousands of man-hours dedicated to driving this critical release over the finish line. 120... view more
cisco duo integration anyconnect ssl vpn
Created by elite2010 on 04-05-2020 10:59 AM
1
0
1
0
Hi,I was trying to 2fa cisco duo , all the required settings done  as per below . The problem is duo cloud  does nti not getting any request from the asa . So I am not getting any code from the duo https://www.youtube.com/watch?v=6nEvmc8wji... view more
Community Ask Me Anything event- Configuration, Troubleshoot...
Created by ciscomoderator on 04-03-2020 05:38 PM
0
0
0
0
This event continues the conversation of our recent Community Ask Me Anything event "Secure Remote Workers". To   participate   in this event, please use the   button   to ask your questions Here’s your ch... view more
Cognitive Release Note, March 2020: Additional annotations i...
Created by aligarci on 04-02-2020 12:05 PM
0
5
0
5
User Experience Enhancements As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.   Early Access introduces a... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
Spotlight Awards- February 2020

Follow our Social Media Channels