Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1359
Views
5
Helpful
3
Replies

FTD virtual appliance in AWS

Go to solution
sweigle88
Level 1
Level 1

‎12-21-2021 03:29 PM

Hi,

 

We would like to perform various testing on the Cisco Firepower and therefore we would like to stand up a Firepower in AWS.  I've created a cloudformation template and subscribed to the firepower aws subscription.  I created 4 network interfaces and they are attached to the instance as described in the deployment documents published by cisco for their aws appliance, but it appears to only have one interface in the config that it is using:

> show ip

System IP Addresses:

Interface Name IP address Subnet mask Method

TenGigabitEthernet0/0 outside 100.64.37.81 255.255.255.128 DHCP

TenGigabitEthernet0/1 inside 192.168.45.1 255.255.255.0 manual

 

The management interface is not set. 

 

Is there a way to configure this virutal appliance via the command line?  It has been a while for me, but I'm used to IOS and configuring via the command line, but all I see is that you need to use a GUI for these firewalls?

 

thanks

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2021 07:36 PM

"show network" will show the management interface details.

Firepower requires using a GUI (API is available for some things). It is usually FMC (a separate centralized server) when running multiple FTD devices but you can also use the local GUI known as Firepower Device Manager. There's also a cloud-based option - CDO.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/aws/ftdv-aws-gsg/ftdv-aws-fdm.html

View solution in original post

3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2021 07:36 PM

"show network" will show the management interface details.

Firepower requires using a GUI (API is available for some things). It is usually FMC (a separate centralized server) when running multiple FTD devices but you can also use the local GUI known as Firepower Device Manager. There's also a cloud-based option - CDO.

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/aws/ftdv-aws-gsg/ftdv-aws-fdm.html

Go to solution
sweigle88
Level 1
Level 1
In response to Marvin Rhoads

‎12-21-2021 09:15 PM

Thanks Marvin.  I did see that you can configure these firewalls through Ansible.  Through User Data, it sure would be nice to place an initial config on it.    It just would be nice to not have to worry about another machine or how to securely connect to the firewall for initial configuration.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to sweigle88

‎12-21-2021 11:11 PM

I've not done it myself but you can automate FTD deployment using Terraform and the like.

Have a look at this YouTube series:

https://www.youtube.com/watch?v=TvcuXP3Yn-0

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card