Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3010
Views
10
Helpful
3
Replies

HELP! FPW2130 FTD manage by FMC without internet connection

Go to solution
tht1013
Level 1
Level 1

‎10-21-2020 02:09 AM

Hi,

We buy 2 ASA5545-x with firepower services 2 years ago and it work well in our company.

Because there is no internet connection in our network.So we use the classic license  to regeist the FIREPOWER service and download the IPS rule every month. and upload it by hand.

Now we need buy 2 Firewall. But the ASA series is going to EOS. So the options is only Firepower 2100 series.

But i check the document. Because we need the IPS. so the only options is running the FTD software.

But FTD is the SMART license. MUST have a internet connection. But our company policy is not allow any devices in the network to connect to the internet. So it bother me so much. Is there any solution that FPW2100 running FTD that doesn't need the internet connection. Thanks for any help.

 

Tom

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎10-21-2020 02:45 AM

Hi,

Smart Licensing have 'satellite' feature which basically puts a virtual
appliance in your environment to connect to internet for smart licensing.
All your appliances communicate with this VM internally.

https://www.cisco.com/web/software/286285517/137012/Smart_Software_Manager_satellite_3.0.4_Installation_Guide.pdf

https://www.cisco.com/c/dam/en_us/buy/smart-accounts/ssm-satellite-enhanced-edition-faqs-2018.pdf

**** please remember to rate useful posts

View solution in original post

3 Replies 3

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎10-21-2020 02:45 AM

Hi,

Smart Licensing have 'satellite' feature which basically puts a virtual
appliance in your environment to connect to internet for smart licensing.
All your appliances communicate with this VM internally.

https://www.cisco.com/web/software/286285517/137012/Smart_Software_Manager_satellite_3.0.4_Installation_Guide.pdf

https://www.cisco.com/c/dam/en_us/buy/smart-accounts/ssm-satellite-enhanced-edition-faqs-2018.pdf

**** please remember to rate useful posts

Go to solution
tht1013
Level 1
Level 1
In response to Mohammed al Baqari

‎10-21-2020 06:19 PM

Hi Mohammed,

Thanks for replying. As you mentioned i saw the solution you provided. But it seems that the satelite server MUST connect internet.

Because the network enviroment do not allow any internet connection include the satelite server. Is there otherway to solve the license problem?Thank you very much.

 

Tom

Go to solution
Mohammed al Baqari
Level 11
Level 11
In response to tht1013

‎10-21-2020 11:30 PM

No, this is the only option. You can create a new zone isolated for
satellite server and let it connect to internet. It needs outbound
connection only using 443. No need for inbound connections.

***** please remember to rate useful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card