Solved: How to use FTD 2140 data interface for management [HA]

Lamin · ‎05-12-2023

Hi All,

I have deployed 2x FTD 2140 in a HA mode. These are managed by FMC (version 7.2.3).

What i am try to achieve is configure one of the data interfaces on each FTD to use as inband management interface. I will like to use this data interface for FMC <> FTD (TCP 8305) management and also for normal inband management access. I still want to keep management 1/1 for local access (oob) without a default gateway.

I am not sure how this should be done but i have tried to configure the data interface via FMC but option to set to 'management only' frozen

I also tried via FTD using the below command but it errored:

> configure network management-data-interface ipv4 manual 172.16.1.1 255.255.255.248 interface Ethernet1/10

Error: The interface: Ethernet1/10 is not configured with remote management

Below is my physical topology. FMC is not included but it's communicating with FTDs via FTD management 1/1.

Lamin · ‎05-12-2023

As per the below documentation, "High Availability is not supported. You must use the Management interface in this case" for ftd remote management

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc-remote.html

View solution in original post

Lamin · ‎05-12-2023

As per the below documentation, "High Availability is not supported. You must use the Management interface in this case" for ftd remote management

https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc-remote.html

Karsten Iwen · ‎05-12-2023

This is from the config guide regarding management on the date interface:

High Availability is not supported. You must use the Management interface in this case.

https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/730/management-center-device-config-73/get-started-device-management.html