About bfbcnet

bfbcnet · 12-23-2024

Hi,So first this is NOT a question about integrating ISE and DNAC / CatC. It is about after that.The most confusing thing I have found is understanding what CatC will setup for you on ISE and what you need to configure on ISE yourself. I have not bee...

bfbcnet · 09-11-2024

Hi,I have two questions on the behaviour of 3100 Secure firewalls in a cluster and interface health checks.We have a pair of 3100 secure firewalls (running FTD), that we have setup in a cluster, managed by FMC. All devices connected to the two FW's u...

bfbcnet · 06-03-2024

Hi,As part of our SD-Access roll out, we wanted to keep some functionality we had on our legacy Cisco network where access to the management interfaces of our Fabric switches is locked down to certain remote addresses and the address of DNA-C. Though...

bfbcnet · 06-03-2024

Hi,I am a bit stuck with DNA-C and the interrelation of DHCP and DNS settings in different areas of DNA-C. We mainly segregate our network between Corporate and Guest Traffic as a gross simplification. This is our main VN segregation. We have separat...

bfbcnet · 12-15-2023

Hi,First time post. Apologies in advance if this a too in depth a question for here, but you don't know unless you try.The scenario is that we are on the journey of moving to SD-Access. We have a normal fabric with a standard VN setup, up and working...

bfbcnet · 09-20-2024

In the mean time have upgraded FMC to lastest 7.4x version. FMC has extra dialogs for interface monitoring now, This was global to all interfaces in ver 7.2x. Either on or off for all or none. To support this is there is extra documentation in FMC th...

bfbcnet · 09-13-2024

Sure, that is an alternative layout supported, but the way we have ours laid out is supported as in that documented.

bfbcnet · 09-13-2024

Think I have answered my second question after some playing. The CLI command 'show cluster history' gives detail down to the port / etherchannel that is causing the issue. The issue is that it matters what FW you run the command on. If run on the FW ...

bfbcnet · 09-13-2024

No Spanned Etherchannels are supported with the firewalls in this clustering setup, as from the document I linked:Cisco Secure Firewall Management Center Device Configuration Guide, 7.2 - Clustering for the Secure Firewall 3100 [Cisco Secure Firewall...

bfbcnet · 09-12-2024

Not sure the portchannel / etherchannel config has much to do with it, but here is is the topology.Edited: Did not document the cluster control link layout we have properly.

Member Since	‎04-16-2004 04:43 AM
Date Last Visited	‎12-30-2024 02:03 AM
Posts	47
Total Helpful Votes Received	3

User Statistics

User Activity

DNAC/CatC and ISE - What does DNAC do and what do you have to do?

Secure Firewall Cluster interface health behavior

Cannot do ACL or VTY config via Template Hub with SD-A?

SD-Access and multiple DHCP and DNS setups

LISP Route in "Route_rejected" status?

Re: Secure Firewall Cluster interface health behavior

Re: Secure Firewall Cluster interface health behavior

Re: Secure Firewall Cluster interface health behavior

Re: Secure Firewall Cluster interface health behavior

Re: Secure Firewall Cluster interface health behavior