Came across this issue, which had me stumped at first. I had a VTI tunnel to Azure with a static route pointing to the next hop.
FTD# sh run route | i 10.16.0.0
route Tunnel10-Azure 10.16.0.0 255.255.0.0 10.2.80.2 1
Tunnel interface was up.
FTD# sh int ip br
Tunnel10 10.2.80.1 YES …
Tag: FTD
I saw this issue with redundant Internet uplinks. Check routing for the VPN gateway. I had the encrypted subnet routing through the secondary Internet connection, but the secondary VPN gateway IP was still routing through the default primary Internet gateway. Once all the routing matched, the VPN tunnel came up. …
After deploying Remote Access VPN settings, I updated the default domain field under the Group Policy (GP) but got a deployment error.
Lina messages
ErrorCode: CFG-IN-PROGRESS
Severity: error
Description: com.cisco.ngfw.messages.DescriptionType@8b7c834
FMC >> clear configuration session OBJECT
I was able to update the domain with some random name but not the …
Once you complete your FTD remote site deployment, you may need to monitor Syslog or SNMP messages from FTD, or you may want to turn on AnyConnect RA VPN with AAA authentication. With ASA there is a command, management-access <interface>, to designate the source interface for ASA management …
I was looking for ways to set up FTD for remote site deployment, and after some time gathering information from other sources (1, 2, 3), I thought of writing this post to show what worked best for me in this setup. If the remote site has a single Internet connection, deploying ASA …