Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a ikev2 s2s tunnel that is configured between a Cisco FTD firewall (my side) running version 7.4 and a Palo alto (version unknown). The tunnel comes up fine and passes traffic. The problem occurs after some time (not determined yet) that the...
I have a handful of FP 1010s that came with FTD installed. These will be used for a basic S2S VPN connection back to a FP3130. I'd like to manage these via FMC but I'm struggling with the documentation to understand a clear path to getting this acc...
We have an existing FTD 9300 running in multi-instance mode. We have a handful of firewalls on this appliance that are managed with FMC. I'd like to migrate the firewalls to a new FTD 3130 but I'm having trouble finding any specific FTD to FTD migra...
We are in the planning phase of rolling out Azure MFA for Cisco AnyConnect. Today we use Aruba Clearpass as the AAA server, and it points to on-prem authentication sources. The benefit of using ClearPass (similar to ISE) is having a method for acce...
We have FTD. I have a Dynamic S2S tunnel with an any/any defined to a bunch of Cradlepoints as that's how I was able to get it to work at the time. Will creating a new Static tunnel with any/any defined for the local and remote networks cause a con...
I believe I found the initial issue and that is that PFS was not enabled on the Cisco side. Palo must set that as default. Of course this is not configured by default with FTD. The lifetime of 28800 is still not being chosen, so I'm unsure how to ...
Thank you for these details. So if I'm understanding you I'll need the FP1010 outside interface IP included on the FMC side firewall, and the FMC IP included on the FP1010 side?
Thanks for the quick reply. I guess my question would be my FMC does not have public facing IP. So I'll have to create a specific NAT rule for this it sounds like? If it makes any difference these "remote" locations are actually on campus or close ...
