cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

534
Views
0
Helpful
3
Replies
ABaker94985
Beginner

Multicast limitations for FTD 4120 and FMC, both running 6.6.1

I found various Cisco articles regarding multicast support for FTD (4120) and vFMC. I've not been able to track down limitations, t though. The firewall pair will be configured as routed HA, and the firewalls will be connected to a pair of Nexus7K using vPC, which will also be running the PIM RP. I realize each FTD should connect to a unique vPC on the Nexus pair, so this multicast related concerns only. The firewalls will be connected to the 7K's using Etherchannel and subinterfaces/trunks. 

 

I've found this article:  https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/multicast_routing_for_firepower_threat_defense.html#ID-2181-0000026f

I want to confirm we've not missed anything. Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Francesco Molino
VIP Mentor

Hi

 

I'm not sure I understand your question. You want to know about limitations in a VPC environment?
1 of the limitation with Firepower is not support of SSM when it is placed as last hop router.

The rest should work unless you have a specific design/questions.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 REPLIES 3
Francesco Molino
VIP Mentor

Hi

 

I'm not sure I understand your question. You want to know about limitations in a VPC environment?
1 of the limitation with Firepower is not support of SSM when it is placed as last hop router.

The rest should work unless you have a specific design/questions.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

The question does not necessarily hinge around vPC, although that is part of the environment the firepower will be installed in. The vPC will be transparent to the Firepower, so my question was more around multicast deployment for the Firepower when configuring Etherchannel with routed subinterfaces on an HA firewall pair. I believe you said this should work. The documentation I read seemed to indicate we'd be OK, but I couldn't find anything on limitations. This is only a small part of a large project, and I'm trying to make sure we don't run into any snags along the way.

No limitation at high level except the one i mentioned earlier.

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Content for Community-Ad