cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
26690
Views
75
Helpful
21
Replies

FTD: Need to Change MGMT IP

Piyush_Sharma
Beginner
Beginner

Hi,

 

I need to change the management IP of both FTD running in HA and FMC will be the same.

 

Please suggest how to do it best way, as after de-registering from previously IP from FMC, we need to re-register to FMC with new IP.

21 Replies 21

Rodrigo Gurriti
Participant
Participant

I would:

1 - Place the HA in maintenance to suspend them up. ( do not break because that will erase the failover config)

 

2- delete the manager from the FTD: 

configure manager delete

 

3 - remove the device from FMC

Devices > Device Management

 

4 -  change the IPs of the FTD:

 

configure network ipv4 manual ipaddr netmask gw [ management_interface]

 

5 - Add the manager back on FTD:

configure manager add

 

6 - Add the FTD to the FMC and reply the configuration. 

Devices > Device Management

7 - When you re-deploy your policies there will be a traffic interruption.  I would do this during a maintenance window. 

 

I haven't seen any documentation on Cisco's website for this procedure. 

HI Rodrigo Gurriti,

 

While re-adding the device to FMC againg HA-needs to be configured...??

 

Will FMC automatically detect the HA..??? i just need to add both device..???

Wow. It worked well. Many thanks

Does the act of deleting the manager from the FTD device cause the device to loose its configuration? The way you worded your steps it sounds like the answer is no (which is great!) but I just wanted to verify. If the only traffic interruption you get it from the policy redeployment and there is no need to reconfigure all of the interfaces that is actually a very seamless process. I am in a similar situation and will need to do this myself soon. 

Hi @brandonbittinger 

The command "configure manager delete" resets the FTD configuration to default, so completely removes the FTD configuration (access control policies, data interfaces etc). The management interface configuration is not removed.

 

Reference here.

 

HTH