Trouble with FTD monitoring multiple ISP IP addresses

Wesley_Dymond · ‎01-25-2022

Like many of you, my organization has a /29 network assigned by our ISP. With 6 usable IP, I need to be able to monitor and send/receive using multiple IP addresses on my FTD. Some IP addresses are already monitored by a different (non Cisco) firewall. How can I set my FTD 2100 series to listen to 2 IP addresses using one or two interfaces on the FTD? When I try and configure a second IP on a second interface, I get the error "The IP address [redacted]/255.255.255.248, cannot overlap with the subnet of interface [redacted]." I'm not sure what aspects of the FTD would allow this, I'm brand new to the FTD. Thank you in advance!

CISSP

balaji.bandi · ‎01-25-2022

How can I set my FTD 2100 series to listen to 2 IP addresses using one or two interfaces on the FTD?

If the ISP already allocated IP address of Public FTD Listen automatically, you do not need to assign IP address to Listen, instead make use of that IP address by doing NAT

Public IP to Private IP

is this what you looking? or something different you looking to achieve?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Rob Ingram · ‎01-25-2022

@Wesley_Dymond as you found you cannot assign another IP address to an interface in the same network. You will need to create static NATs for the other public IP addresses.