Solved: Re: Simultaneous Anyconnect and HTTPS Mgmt on outside interface fails Firepower

menzies456 · ‎06-18-2021

Hi,

Error received:

The selected outside interface is currently being used in a management access list and cannot be simultaneously used for AnyConnect VPN

Is there any way using Firepower to change the manangement port for the outside interface from 443 to say 444?

I have anyconnect configured already and receive this error when trying to enable https access to the outside interface.

Thanks

Sam

Rob Ingram · ‎06-18-2021

@menzies456

Yes, from version 6.7+

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/relnotes/firepower-release-notes-670/features.html

You can change the HTTPS port used for FDM or FTD API access on data interfaces. By changing the port from the default 443, you can avoid conflict between management access and other features, such as remote access VPN, configured on the same data interface. Note that you cannot change the management access HTTPS port on the management interface.

We added the ability to change the port to the Device > System Settings > Management Access > Data Interfaces page

View solution in original post

Rob Ingram · ‎06-18-2021

@menzies456

Yes, from version 6.7+

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/relnotes/firepower-release-notes-670/features.html

You can change the HTTPS port used for FDM or FTD API access on data interfaces. By changing the port from the default 443, you can avoid conflict between management access and other features, such as remote access VPN, configured on the same data interface. Note that you cannot change the management access HTTPS port on the management interface.

We added the ability to change the port to the Device > System Settings > Management Access > Data Interfaces page