Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1756
Views
1
Helpful
4
Replies

How to use FTD 2140 data interface for management [HA]

Go to solution
Lamin
Level 1
Level 1

‎05-12-2023 12:14 PM

Hi All,

I have deployed 2x FTD 2140 in a HA mode. These are managed by FMC (version 7.2.3).

What i am try to achieve is configure one of the data interfaces on each FTD to use as inband management interface. I will like to use this data interface for FMC <> FTD (TCP 8305) management and also for normal inband management access. I still want to keep management 1/1 for local access (oob) without a default gateway.

I am not sure how this should be done but i have tried to configure the data interface via FMC but option to set to 'management only' frozen

Lamin_0-1683918346324.png

I also tried via FTD using the below command but it errored:

> configure network management-data-interface ipv4 manual 172.16.1.1 255.255.255.248 interface Ethernet1/10

Error: The interface: Ethernet1/10 is not configured with remote management

 

Below is my physical topology. FMC is not included but it's communicating with FTDs via FTD management 1/1.

FTD HA - MANAGEMENT.png

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Lamin
Level 1
Level 1

‎05-12-2023 12:35 PM

As per the below documentation, "High Availability is not supported. You must use the Management interface in this case" for ftd remote management

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc-remote.html

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Lamin
Level 1
Level 1

‎05-12-2023 12:35 PM

As per the below documentation, "High Availability is not supported. You must use the Management interface in this case" for ftd remote management

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc-remote.html

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎05-12-2023 12:37 PM

This is from the config guide regarding management on the date interface:

  • High Availability is not supported. You must use the Management interface in this case.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/730/management-center-device-config-73/get-started-device-management.html

Go to solution
radhore
Cisco Employee
Cisco Employee
In response to eduard.hoffmann

‎06-27-2025 05:19 AM

Did you mean that we can have two separate IPs for the FTD HA management through DATA interface?
One IP for the Active firewall and second IP for Standby firewall? Through Standby IP can i manage the standby FW.
Do you have any documentation to perform this configuration?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card