Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1776
Views
0
Helpful
0
Replies

Problem applying flexconfig to FTD running 6.7 and managing with FDM

ABaker94985
Spotlight
Spotlight

‎09-27-2021 02:46 PM - edited ‎09-28-2021 06:30 AM

I'm trying to create a control-plane ACL on the outside interface of one of our FTDs that's being managed by FDM. The following was pasted into the flexconfig template field:

 

access-list CPLANE extended permit tcp host VPN_Client_IP host VPN_Server_IP eq 443
access-list CPLANE extended deny ip any any
access-group CPLANE in interface outside control-plane

 

However, this cannot be applied within FlexConfig because of the error "Block list CLI error: access-list CPLANE extended ..." for the first two lines. There isn't an error on the third line. This error shows up even with a simple "deny ip any any" or "permit ip any any". I've found several articles similar to https://integratingit.wordpress.com/2021/06/26/ftd-control-plane-acl/ that show something that looks pretty much the same, although the FMC is used in lieu of FDM. Can anyone shed some light on this? Thanks

2 people had this problem
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card