Menu Close

FMC Preshared Automatic Key

When we configure a site to site VPN in FMC, on the IKE tab, we see an authentication type option to use a Preshared Automatic Key. In this post we will see what that option does for us. FMC as you know can manage multiple FTD appliances. The appliances that would be managed by the FMC do not necessarily have…

FMC DHCP Relay

In this post we will see how to configure DHCP Relay Agent on FTD through FMC. DHCP Relay Agent would be required when our DHCP server is not located in the same broadcast domain as the DHCP clients. For instance, we might have a centralized DHCP server located in a VLAN and the clients trying to get an IP are…

FMC AnyConnect SSL VPN

This post will show you how to configure AnyConnect SSL VPN in FMC. However, it will show you a slightly different configuration comparing to the common one we mostly use. In this lab we will have a DHCP server inside our network, and that DHCP server will assign the AnyConnect clients IP addresses from the same internal range. Therefore, both…

FMC User Agent

As Cisco was suggesting, the Firepower User Agent for Active Directory as an identity source for FMC was going to be removed in the future releases. In fact, as of FMC version 6.6.0 the Firepower User Agent is gone. The way to go is via integrating the FMC with ISE using pxGrid. I had intensively covered the pxGrid integration in…

FMC pxGrid Integration with ISE

This post will show you how to integrate Cisco FMC with ISE using pxGrid. But let’s first start off with some brief description of what pxGrid is. pxGrid stands for Platform Exchange Grid. It is a protocol that allows integrating multiple vendors security products together and grouping them in an ecosystem domain. The main purpose of using pxGrid is to…

FMC Identity Policy

The FMC Identity Policy is a requirement when we plan to use the users or group in our Access Control Policy. Many companies nowadays are moving away from the traditional ways of configuring the security policies based on the IP addresses. The main reasons of this is because using the IP addresses is not really scalable. And managing such security…

>
Scroll To Top