Cisco Bug: CSCvs56653 - ENH: FTD VPN redundancy when both peers managed by same FMC

Last Modified

Apr 14, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

6.4.0.7

Description (partial)

Symptom:
With dual ISP peers, we must use IKEv1 and create the peers by adding "EXTRANET" when creating the VPN endpoint. This should be possible in the FMC: if both peers are managed by the same FMC, we should be able to create one VPN that goes to both the outside1 and outside2 IP addresses.

Conditions:
FMC managing two or more FTD devices.
One FTD device has two ISPs for redundancy.
Only IKEv1 is supported for multiple crypto map peers at this time.
A VPN needs to be set up to ISP1 and ISP2 for redundancy.