Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Removing ZBFW remotely

Hello all,

I have a small branch 871 which is about 1800km away from me. I want to remove the complete ZBFW from the router (configured through SDM once) and start from scratch. Obviously I don't want to lock myself out, although there are people onsite who can reset the router in necessary, I'd like to avoid having to ask them.

Can I just do a 'no zone-member security out-zone' on the outside interface and then follow with the other 2 LAN inside interfaces?

Thanks in advance!

Everyone's tags (3)
1 REPLY
Community Member

Removing ZBFW remotely

Well I'm going to answer my own question: you can just remove the 'zone-member security xxx' from the interface configuration without losing access. I did the outside first, then the 2 LAN interfaces.

Also finally came across this post: https://learningnetwork.cisco.com/thread/30212

Of course, when in doubt, a 'reload in 5' will help.

200
Views
0
Helpful
1
Replies
CreatePlease to create content