Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
900
Views
0
Helpful
1
Replies

FTDv in Azure as VPN Hub

sphbecker1
Level 1
Level 1

‎02-22-2021 10:41 AM - edited ‎02-22-2021 10:41 AM

I currently have 18 offices all with Firepower FTD devices as their network edge device, each with a s2s VPN connection to an Azure Virtual Network Gateway (VNG) as a hub. I am testing the idea of using our FTDv in Azure as the hub device instead of the VNG so that the Firepower Management Center can fully manage the VPN connections.

What I am trying to do would be pretty easy if the hub was a physical FTD device, but I am running into issues with the way Azure handles its public IP addresses. The FTDv's outside interface gets a privet IP address, which is then NATed to public in the Azure network fabric (I don't believe Azure allows direct assignment of a public IP to a virtual interface). Due to this design, the FMC is trying to use the privet IP address to configure VPN tunnels, which clearly doesn't work.

Any way to get around this without resorting to building each VPN tunnel manually?

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Carlos T
Level 1
Level 1

‎02-20-2023 01:21 AM

Have you sorted this?

0 Helpful
Customers Also Viewed These Support Documents