11-08-2023 12:08 AM - edited 11-08-2023 12:19 AM
Hello,
I need to pre-stage a Firepower 1010 and send it to one of our remote offices. This device will replace an old 5506-X with ASA software.
The new device will run FTD software and will be managed by a FMC over the Internet using the datainterface.
The FMC is behind an ISP router and is not directly addressable (all devices are sharing a single public IP from the ISP)
When I add this FMC from the FTD device, will it be enough to run the following command?
'configure manager add DONTRESOLVE [registration key ] [ NAT ID ]'
Also, if we were able to get another public IP address from the ISP and could make a static nat pointing to the FMC's private address, would I then run the following command instead or should I still use the NAT ID keyword at the end?
'configure manager add [public ip] [registration key ]
Thanks
/Chess
Solved! Go to Solution.
11-08-2023 11:12 AM
What you have is correct.
You also need to set the remote FTD to use the dataplane interface for management. Here's a video walking you through that:
11-08-2023 11:12 AM
What you have is correct.
You also need to set the remote FTD to use the dataplane interface for management. Here's a video walking you through that:
11-08-2023 01:33 PM
NAT ID use when ftd behind NAT not
FMC behind NAT.
For your case can use outside as mgmt (which is public).
Thanks A Lot
MHM
11-09-2023 06:33 AM
Thank you, guys.
/Chess
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide