About tato386

tato386 · 01-13-2026

I currently have an FTD that has public DNS configured on the management interface (>show network, >show DNS system have Umbrella IPs). I have internal DNS IPs assigned to inside data interface using the platform policy. I did not check enable DNS...

tato386 · 11-06-2025

I setup a site to site VPN with a pair of FTDs using the FMC VPN wizard and static VTI interfaces. Each FTD has two ISPs so I configured a backup tunnel using the 2nd set of ISPs and VTIs. I also setup BGP using the primary set of ISPs and VTIs. All...

tato386 · 10-15-2025

My FTD public facing interfaces are using "front door" VRF setups and I need to enable an interface for RA VPN. From what I have found the challenge is going to be leaking my internal routes to the "front door" VRF interface. I've seen examples usi...

tato386 · 09-24-2025

I am experimenting with setup of dual ISP using front door VRF. The gear is FMC/FTD 1120 running v7.6.2. As per some AI research I reconfigured my NAT setup with manual NAT rules and selected specific source and destination interfaces. However whe...

tato386 · 07-10-2025

I tried in the FTD CLI and also in "system support diag" and can't seem to find duplex status. Where did they move this too? FTD is v7.4.2.2Thanks

tato386 · 01-15-2026

I think the answer might be a combination of things. One of the articles that @balaji.bandi mentioned clearly states that it is possible for the FMC to initiate communication so maybe the FTD received hello packets from FMC and established the neede...

tato386 · 01-14-2026

@balaji.bandi yes, DNS is working fine and the tests I ran confirm that each interface (management and data) are using the DNS servers that are assigned to them. I am simply trying to find out why the "show managers" output is not consistent with th...

tato386 · 10-17-2025

update: FWIW, I setup RA using SSL and EntraID as IdP and enabled on the outside interface which is member of user defined VRF. I used static routes to leak inside networks to VRF and leaked VPN pool to global routing table and it seems to work. M...

tato386 · 10-16-2025

"supported only on..." is sometimes not the same as "won't work". is it worth giving it shot to see what happens?

tato386 · 09-25-2025

Hello @paul driver,Yes, good point I should elaborate bit. Please see attached screenshot of a slide from a Cisco Live session describing the FTD VPN topology I am trying to build. I actually have it setup now without using VRFs. I have default ...

Member Since	‎06-27-2002 07:25 PM
Date Last Visited	‎01-14-2026 12:56 AM
Posts	1,307
Total Helpful Votes Received	126

User Statistics

User Activity

unravelling FTD DNS settings and configuration

BGP config for FTD VPN with backup VTI

FTD RA WebVPN with VRF interface

NAT setup with two ISP and front door VRF

show interface command on FTD 1100 doesn't show duplex

Re: unravelling FTD DNS settings and configuration

Re: unravelling FTD DNS settings and configuration

Re: FTD RA WebVPN with VRF interface

Re: FTD RA WebVPN with VRF interface

Re: NAT setup with two ISP and front door VRF