11-02-2021 07:28 AM
The management system at our HQ reaches out to the inside interfaces of the branch firewalls through site-to-site VPN tunnels for both pings and SNMP, and on the firewalls running ASA firmware, we use "management-interface inside." Is there a similar command for the FTD/CDO? Is this a command that goes in FlexConfig? I've not been able to find documentation on how to get this inserted.
The system I'm currently working with is an ASA 5508-X running 6.6.1. The ACP is permitting this, but I'm also not sure if there is something on the control plane that needs to be opened up. Is there anything else I need to consider?
Thank you.
11-02-2021 07:38 AM
Yes, you can use FlexConfig to configure the management-access command.
https://community.cisco.com/t5/vpn/anyconnect-to-connect-to-firepower-inside-interface/td-p/4083536
https://community.cisco.com/t5/vpn/ftd-management-via-vpn-issue/td-p/4088577
However, Cisco TAC recommends connecting to the outside interface to manage the device.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg50549?rfs=iqvred
11-02-2021 07:39 AM
Thanks for the super fast response. That's exactly what I was looking for. Take care.