01-21-2020 02:36 AM - edited 02-21-2020 09:50 AM
Hi all
Does anyone know how to globally set SSH access list?
I have Cisco FMC/FTD 6.2.3.x
There's no setting for it from the platform settings section
I tried to use flexconfig bu "configure ssh-access-list" is a blocked command...
Any ideas greatly appreciated, its such a waste of time to manually set it on the CLI for each firewall we deploy
Thanks in advance
01-21-2020 04:08 AM
I don't have a 6.2 FMC in front of me but on 6.5, if you create platform settings for device type "Threat Defense" (FTD) there is an option to add settings for Secure Shell (i.e., the access-list you're asking about).
01-22-2020 12:23 PM
What Marvin said. You need to upgrade to a more recent release where this feature is available in the platform settings under "Secure Shell"
Thank you for rating helpful posts!
01-22-2020 03:21 PM - edited 01-22-2020 03:22 PM
I have the "secure shell" option but that only allows you to set an ACL for other interfaces, not the mgmt interface .. unless thats the part that changed in 6.5?
Unfortunately I can't upgrade past 6.2 because we deployed our whole company on ASA5506Xs with FTD, only to learn several weeks later that Cisco discontinued support for them , despite the hardware being less than 3 years old ... I wont be using Cisco firewalls in the future because of that, to be frank
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide