
Inline FTD device not passing traffic

sonic8or
Level 1

I have an FTD device set up inline on ports ge0/0 and ge0/1, but it's not passing traffic. I can see in the logs that traffic is being allowed, but there's no internet access. I've verified the physical connections are correct, the rules are set to allow everything, and the internet works when the FTD isn't in the configuration. There are no NAT rules as it's an inline pair.

Is there a setting I might be missing that needs to be configured?


3 Replies

Chakshu Piplani
Cisco Employee

Kindly go through this document: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200924-configuring-firepower-threat-defense-int.html

You can try tap mode to isolate this issue by bypassing snort and t-shoot further.

Regards,

Chakshu

Do rate helpful posts!

I've gone through that entire document and still end up with the same results of no traffic. I can't ping the gateway. This is virtual with VMware on a Cisco UCS server. I've enabled promiscuous mode on VMware as well. Still no traffic flowing through. It seems as if the interfaces are only working individually and not sending traffic between them. They aren't segmented via VLANs, either.

Solved it. For anyone else having the same problem:

Promiscuous mode, forged transmits and allow mac changes all need to be enabled on corresponding ports in the VMware settings.
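The three vSwitch security settings named in the solution can be audited and corrected from PowerCLI; the script below is an added example, not from this thread or from Cisco, and assumes a standard vSwitch with the FTD inline interfaces on dedicated port groups whose names are placeholders. Keeping these relaxed settings on port groups that contain only the FTD vNICs matters because promiscuous mode lets every VM in that port group see all of its traffic, and MAC changes plus forged transmits let a VM send with any source MAC.

```powershell
# Added example: audit and fix the vSwitch security policy that an FTD
# inline pair needs. Requires VMware PowerCLI; hostname and port-group
# names below are placeholders, not values from the thread.
Connect-VIServer -Server 'vcenter.example.local'

# One standard port group per inline interface (ge0/0 and ge0/1).
$inlinePortGroups = @('FTD-Inline-ge0-0', 'FTD-Inline-ge0-1')

foreach ($name in $inlinePortGroups) {
    $pg = Get-VirtualPortGroup -Standard -Name $name
    $policy = $pg | Get-SecurityPolicy

    $ok = $policy.AllowPromiscuous -and
          $policy.ForgedTransmits -and
          $policy.MacChanges

    if ($ok) {
        Write-Host "$name already allows promiscuous/forged/MAC changes"
        continue
    }

    # Apply all three settings on the port group itself rather than on
    # the whole vSwitch, so other port groups keep the restrictive defaults.
    $policy | Set-SecurityPolicy -AllowPromiscuous $true `
                                 -ForgedTransmits $true `
                                 -MacChanges $true | Out-Null
    Write-Host "$name updated for the FTD inline pair"

    # Report any VM other than the FTD sharing the port group, since it
    # would now be able to sniff and spoof on that segment.
    $others = Get-VM | Get-NetworkAdapter |
              Where-Object { $_.NetworkName -eq $name -and $_.Parent.Name -notlike 'FTD*' }
    foreach ($nic in $others) {
        Write-Warning "$($nic.Parent.Name) also sits on $name; move it off this inline port group"
    }
}
```

For a distributed switch the equivalent cmdlets are Get-VDPortgroup, Get-VDSecurityPolicy and Set-VDSecurityPolicy.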
