Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
595
Views
5
Helpful
4
Replies

ASA FTD with FMC

Go to solution
caiobomani
Level 1
Level 1

‎05-21-2018 04:11 PM - edited ‎02-21-2020 07:47 AM

Dear team,

 

I'm currently setting up my data center with Cisco ASAs and am attempting to use the ASA running FTD and manage them via FMC.

 

My first issue was with licensing. Since I'm using FMC after version 6, the license (classic) is no longer accepted (for what I understood, the image is "prelicensed"). With that being said, now I need to make my ASA firewalls (5516-x) be managed by that FMC. The problem is with the communication.

 

Whenever I attempt to make the ASA be managed by the FMC, I keep getting messages that it should use a dedicated gateway for management and dont let me register in the FMC without it.

 

My question is:
Can I manage the ASA via FMC without using the management interface? Or its mandatory that management be made via that interface?

 

I want to use a data interface as a management interface as well.

 

Thanks in advance for any support.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎05-21-2018 05:19 PM

Hi

Yes you need to use the management interface to be allowed to register it on FMC.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

4 Replies 4

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎05-21-2018 05:19 PM

Hi

Yes you need to use the management interface to be allowed to register it on FMC.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
caiobomani
Level 1
Level 1
In response to Francesco Molino

‎05-22-2018 08:46 AM

And I assume that I cannot assign an IP address within the subnet that other interfaces (data for example) belongs right?

0 Helpful

Go to solution
Fotiosmark
Level 1
Level 1
In response to caiobomani

‎05-22-2018 11:25 PM

thats not true.
You see you set the IP for Management through the Console, in the FTD. Once that is set you can log in the FMC, add the device, Register it, and then you can set IPs for the interfaces through there, depending if the FTD is in Routed mode or Transparent mode. But you can because Management with the actual interfaces are different
0 Helpful

Go to solution
Fotiosmark
Level 1
Level 1

‎05-22-2018 06:54 AM

I had the same question not long ago.
The Management interface is required to use FMC to manage the ASA. This is the way it gets the licence also. (smart licensing from now on)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card