02-27-2017 03:53 AM - edited 03-10-2019 06:47 AM
Hi,
What options (if any) are there for Virtual (VMWARE) Firepower Management Centre High Availability?
I notice in the 6.1 release notes that only physical appliances are listed and the menu isn't available in my lab virtual appliance.
- I'm looking to deploy in a Layer 3 Data Centre topology, i.e vmotion probably isn't an option.
Thanks in Advance,
Nick
Solved! Go to Solution.
03-02-2017 11:33 PM
vMotion would be an option if you had a l2 interconnect (although its not officially supported, it works fine)
I would recommend a DR plan.
Install a 2nd vFMC and keep the version aligned to your active vFMC. If your primary fails, import your backup into your cold standby FMC (dont backup event data or this prpcess will take > 30 minutes. Spin up your SVI to get the same network as in your other dc up and you should be done.
Let me know if that answers your wuestion
02-27-2017 05:50 AM
Hi There,
HA for virtual FMC isn't supported, You would need to go for physical appliance.
Thanks
Yogesh
Rate if helps.
02-01-2019 12:31 PM
I really find it a little puzzling that the FMC virtual does not have an HA option or even a Pri/Sec option. I mean even the ISE appliances can do this! I Feel you should be able to add multiple managers to the SFRs/FTDs and have another FMC just sitting waiting and you can promote it to primary.
03-02-2017 11:33 PM
vMotion would be an option if you had a l2 interconnect (although its not officially supported, it works fine)
I would recommend a DR plan.
Install a 2nd vFMC and keep the version aligned to your active vFMC. If your primary fails, import your backup into your cold standby FMC (dont backup event data or this prpcess will take > 30 minutes. Spin up your SVI to get the same network as in your other dc up and you should be done.
Let me know if that answers your wuestion
01-08-2019 11:04 AM
What is a DR solution? I'm looking for a solution that would work for HA across 2 subnets in remote locations. Would ESXi work in that case?
02-04-2019 07:39 PM
For Disaster Recovery of Firepower Management Center you need to either:
a. Use hardware appliances that support HA, or
b. Do a backup/restore scheme outside the context of Firepower itself. If the subnet does not exist in the remote location, you won't be able to easily restore as device registration etc. will be broken.
c. Manage the DR site appliances with an FMC at the DR site. (Of course this would not address any appliances at other sites.)
Note that most features continue to work fine in the absence of the FMC.
01-04-2021 02:36 AM - edited 01-04-2021 02:38 AM
Hi,
"FMCv for VMWare now supports High Availability.
You configure FMCv HA just as you would on hardware models. You will need two licensed identical FMCv's
Supported platforms: FMCv for 10, 25, and 300 devices only (No support for FMCv for 2 devices), running on VMWare "
(Version 6.7.0)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide