cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

5127
Views
10
Helpful
8
Replies
Highlighted
Beginner

FTD with FDM Dual ISP Failover

I'm using ASA 5506X with FTD and i'm managing the ASA with FDM i'm not using FMC to manage my ASA. I want to configure failover between two ISP through Firepower Device Manager (FDM) but i'm unable to see any option to track the interface for going down like we can configure the rest stuff using ASDM with IP SLA track object etc etc, But in FDM i can't see any of these option.

 

Please suggest how to configure failover for dual ISP using FDM.

I have 6.2.0 version of ASA FTD.

Or any document for CLI to configure the requirement please share.

 

Thank you all

8 REPLIES 8
Highlighted
Rising star

Hello,

 

The dual ISP config requires reusable object called 'sla monitor' and then this needs to be called under interface. If these options are not available in FDM (which is likely), then it is recommended to install and use FMC. Either ways, the flex config related config can only be done in FMC and is a better and efficient way to manager ASA running FTD.

 

https://community.cisco.com/t5/firewalls/ftd-vs-fmc/td-p/3017936

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/reusable_objects.html#task_F02660A479A14815A29083B8862266B1

 

 

 

HTH
AJ

Highlighted
Hall of Fame Guru

You might also wait until Firepower release 6.3. It should be out soon (October-ish) and will include a large number of enhancements in the things you can do with FDM.

Highlighted

Thank you for your response, so i cannot configure isp failover or load balance with FTD 6.2 ? 

Highlighted

@Marvin Rhoads

 

is 6.3 still on the table for october? 

Please remember to rate useful posts, by clicking on the stars below.

Highlighted

Hi, i have the same issue with ASA 5508-x with FDM. I have upgraded to 6.3 but still there is no option to configure this. Also i cant configure two 0/0 routes with different outside interfaces and different metrics.

Highlighted

Hi, you must have FMC to configure these requirements right now, But cisco have a plan in future to integrate these features with FDM.

Highlighted

Hello guys,

do you know if its already supported having dual ISP failover on a FTD firewall managed with FDM?, or at least in roadmap?

I believe its a basic feature for many customers.

Thanks in advance

Highlighted
Hall of Fame Guru

SLA Monitor (including using it with route tracking for the dual ISP failover use case) will be configurable via the Firepower Device Manager (FDM) on-box manager GUI in version 6.7. Expect it to be released within the next month.

FDM 6.7 SLA Monitor.PNG

 

Content for Community-Ad