Scribd Logo
Upload

Welcome to Scribd!

  • Cisco FTD FMC Routed Mode Lab Configuration

    Uploaded by

    Jorge Brandão
    371 views14 pages
    This document provides instructions for configuring a Cisco Firepower Threat Defense (FTD) device on the Cisco Firepower Management Center (FMC) using the PNETLab platform. It outlines prerequisites of installing Docker and devices. It then provides step-by-step configuration instructions including adding the FTD to the FMC, configuring interfaces and zones, adding a default route, configuring NAT, and setting security policies to permit access to Google but deny access to Facebook. The configuration is then verified by pinging addresses and accessing the Google and Facebook websites.

    Original Description:

    Cisco FTD FMC routed mode lab configuration

    Original Title

    Cisco FTD FMC routed mode lab configuration

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for configuring a Cisco Firepower Threat Defense (FTD) device on the Cisco Firepower Management Center (FMC) using the PNETLab platform. It outlines prerequisites of installing Docker and devices. It then provides step-by-step configuration instructions including adding the FTD to the FMC, configuring interfaces and zones, adding a default route, configuring NAT, and setting security policies to permit access to Google but deny access to Facebook. The configuration is then verified by pinging addresses and accessing the Google and Facebook websites.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    371 views14 pages

    Cisco FTD FMC Routed Mode Lab Configuration

    Uploaded by

    Jorge Brandão
    This document provides instructions for configuring a Cisco Firepower Threat Defense (FTD) device on the Cisco Firepower Management Center (FMC) using the PNETLab platform. It outlines prerequisites of installing Docker and devices. It then provides step-by-step configuration instructions including adding the FTD to the FMC, configuring interfaces and zones, adding a default route, configuring NAT, and setting security policies to permit access to Google but deny access to Facebook. The configuration is then verified by pinging addresses and accessing the Google and Facebook websites.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 14

    Download PNETLab Platform

    PNETLAB Store
    PNETLab.com

    I. Topology

    II. Perquisite:
    - Installed docker chrome from device tab
    - Installed FTD and FCM devices from device tab

    - RAM 24Gb, CPU 8 core


    - Add more 15Gb HDD
    o Flow this guide: https://www.eve-ng.net/index.php/documentation/howtos-
    video/expand-hdd-on-eve-vm/
    III. Question:
    1. Add FTD to FMC with route mode
    2. Configure interface FTD as topology
    3. Configure default route from FTD to GW
    4. Configure NAT on FTD to allow user can ping to Outside
    5. Configure Policy to:
    • Allow user to Google 200.1.1.1
    • Deny user to Facebook 201.1.1.1
    • Permit all

    1
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    N Device IP mgmt. account


    o
    1 MGMT 192.168.1.1
    2 FMC 192.168.1.2 admin/Admin123
    3 FTD 192.168.1.3 admin/Admin123
    4 Google 200.1.1.1 pnetlab/pnetlab
    5 Facebook 201.1.1.1 pnetlab/pnetlab

    2
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    I. Solution

    Step 1: click to Mgmt pc (Docker chrome)

    On chrome: https://192.168.1.3

    Login with account: admin/Admin123

    Step 2: finish initial setup and enable evaluation license

    System -> License -> Smart Licenses -> enable evaluation license

    3
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Step 3: add FTD to FMC

    FTD:
    configure manager add 192.168.1.2 cisco

    FMC:

    Go to device -> device manager -> add device -> fill FTD information and Register

    Step 3: Create Name Interface, layer 3 interface with ip address and zone

    Gi0/0 is inside interface (choose enable)

    4
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Do the same with Gi0/1 outside interface

    5
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    ➔ Save and deploy

    6
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Step 4: Configure default route on FTD with GW router is next hop

    -> Device -> Device Management -> Routing -> Static Route -> Add Route

    ➔ Save and Deploy

    7
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Step 5: Configure NAT on FTD


    Device -> NAT -> New Policy -> Add FTD policy

    Add -> Rule

    8
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Save and Deploy

    Step 6: Configure policy

    - Permit browser to google

    9
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    10
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    - Deny browser to facebook

    11
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    - Permit all

    12
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    Save and deploy

    Step 7: Verification
    - Ping

    13
    Download PNETLab Platform
    PNETLAB Store
    PNETLab.com

    - Web browser
    http://200.1.1.1 with account: pnetlab/pnetlab

    ➔ Permit browser to google

    http://201.1.1.1

    ➔ Deny to facebook

    ============ END =============

    14

    You might also like