Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
363
Views
1
Helpful
5
Replies

Question about FMC

Go to solution
sherali mamatkarimov
Level 1
Level 1

‎01-09-2024 03:33 AM

Hello everybody. I have questions about FMC and FirePower can you help me if you know?

1. What happens if i install FMC in my server as VM to configure my FirePower, and i reinstall FMC VM after server crashing? Configuration will be saved on FirePower of it will be erased after re-adding FirePower to FMC?

2. What will be the best practice to manage FirePowers from remote offices? For example I have FirePower in office A and FMC in office A. if I install FirePower in office B should i install new FMC to office B or it will be pretty if i add add remote FirePower to my FMC located in office A?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎01-09-2024 02:09 PM - edited ‎01-09-2024 02:40 PM

1. What happens if i install FMC in my server as VM to configure my FirePower, and i reinstall FMC VM after server crashing? Configuration will be saved on FirePower of it will be erased after re-adding FirePower to FMC?
without backup and new FMC all config will be lost in FTD 
with backup and restore it to new FMC the FTD will not effect 

2. What will be the best practice to manage FirePowers from remote offices? For example I have FirePower in office A and FMC in office A. if I install FirePower in office B should i install new FMC to office B or it will be pretty if i add add remote FirePower to my FMC located in office A?
I will add to your Q 
can FTD manage by two FMC ? Yes it can if FMC is run HA

so siteA have FMCA and SiteB have FMCB 
the FTD in each site manage by only one FMC 


siteA have FMCA and SiteB dont have FMCB <<- if you have free FMC add it to SiteB if not there is no problem to control FTD in siteB via FMCA, in end this depend in your budget

MHM 

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-09-2024 04:38 AM

An FMC instance should be backed up with the backup file(s) copied off of the VM. In the event that an FMC VM is lost (crash, corruption etc.) you must have a backup of the FMC to restore it - simply re-adding the devices managed by the previous instance will NOT upload their running configurations to the new FMC instance.

Go to solution
Ruben Cocheno
Spotlight
Spotlight

‎01-09-2024 05:40 AM

@sherali mamatkarimov

Also try to push the first config out during a maintenance window

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/
0 Helpful

Go to solution
Eric R. Jones
Level 4
Level 4

‎01-09-2024 01:24 PM

Your second question answered.

You can have site A say in Los Angeles with an FMC and multiple Firepower FTD devices.

You can have site B say in San Diego with multiple Firepower FTD devices.

You can controll them all via the FMC in Los Angeles and offer access to techs in both locations to manage all devices.

 

0 Helpful

Go to solution
Marius Gunnerud
VIP
VIP

‎01-09-2024 01:57 PM

As long as you have a current backup of the FMC, getting it back up and running is not an issue. 

One FMC can manage several FTDs so you do not need to install a second FMC.  Just add it to your current FMC.  Just a suggestion, depending on ease of access to the FTD device at the remote location and the technical knowledge of those that might be assisting you in troubleshooting or replacing the FTD at the remote site, managing the FTD through the Data interface is the way to go.  I have several FTDs in remote locations which were previously managed over a site to site VPN and getting help for console / CLI access was a nightmare.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎01-09-2024 02:09 PM - edited ‎01-09-2024 02:40 PM

1. What happens if i install FMC in my server as VM to configure my FirePower, and i reinstall FMC VM after server crashing? Configuration will be saved on FirePower of it will be erased after re-adding FirePower to FMC?
without backup and new FMC all config will be lost in FTD 
with backup and restore it to new FMC the FTD will not effect 

2. What will be the best practice to manage FirePowers from remote offices? For example I have FirePower in office A and FMC in office A. if I install FirePower in office B should i install new FMC to office B or it will be pretty if i add add remote FirePower to my FMC located in office A?
I will add to your Q 
can FTD manage by two FMC ? Yes it can if FMC is run HA

so siteA have FMCA and SiteB have FMCB 
the FTD in each site manage by only one FMC 


siteA have FMCA and SiteB dont have FMCB <<- if you have free FMC add it to SiteB if not there is no problem to control FTD in siteB via FMCA, in end this depend in your budget

MHM 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card