You are here
SEC0237 - FTD 6.1 Firewall Mode and Interface Type (Part 1)
Difficulty Level:
Lab Document:
<Please login to see the content>
Category:
Security
The video walks you through different operational mode on Cisco FTD 6.1 as physical and virtual (NGFWv) devices covering, routed, passive, inline, transparent and ERSPAN modes. We will focus on interface configuration of each type, zone configuration, and how to get traffic to pass through or to the device.
Part 1 of this video covers FTD in routed mode
Topic:
-
FTD Routed Mode
- Routed Zone
- Routed Interface
- Redundant Interface
- Static Route
-
FTD Passive Mode
- Passive Zone
- Passive Interface
- SPAN Session
-
FTD Inline Mode
- Inline Zone
- Inline Set
-
FTD Transparent Mode
- Etherchannel
- Sub-Interface
- Bridge Group Interface
- FTD with ERSPAN
About Author
Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
5 comments
Inline set
Hello, Metha, is it possible to make inline pairs in Inline set (ips), if Firepower devices are in HA (active/standby) and in routed mode? Outside interfaces/zones stand for internet direction? Thank you.
Inline set
No. Inline pair is for IPS but routed mode is FW and they are different. Outside usually mean unsecure side of the network and doesn't necessarily have to be internet.
Inline set
In a lab there are two FTD devices in HA pair - active/standby in routed mode managed in FMC. For IPS functionality to enable on these devices i choose 2 interfaces on active device in FMC and go to Inline set, but there are no interfaces available, so i cant choose anything. Is it because of active/stanby or what could be the issue..?
Inline set
What Mode did you have the interface set to? Make sure it is set to None.
Inline set
OK, Thank you..