KB ID 0001673
This page will be used as a central repository and ‘index’ for configuration on the Cisco Firepower 1010 series firewall. I intend to add to it as I test the capabilities and work out any problems whilst trialing/deploying and operating this platform.
VPN Firepower 1000 series running ASA Code.
Cisco Firepower 1010 Licensing
Is not supported on this platform, it cannot be configured as an EZVPN client.
Site to Site VPN (as per older 5500-x and 5500 series)
Cisco ASA Site To Site VPN IKEv2 “Using CLI”
Cisco ASA Site To Site VPN IKEv1 “Using CLI” (Only normally required, if the other end does not support IKEv2)
Cisco ASA Site to Site VPN ‘Using ASDM’
Remote Access VPN
Cisco ASA AnyConnect VPN ‘Using CLI’
Cisco ASA AnyConnect VPN ‘Using ASDM’
Cisco ASA – L2TP over IPSEC VPN ‘Using CLI or ASDM’ (Using Windows 10 Built in VPN client)
Port Forwarding and NAT
Cisco ASA Port Forwarding ‘Using CLI or ASDM’
Cisco ASA Port Forwarding To A Different Port
Cisco ASA Port Forwarding a ‘Range of Ports’
Cisco ASA Static (One to One) NAT Translation
VPN Firepower 1000 series running FTD Code.
Cisco Firepower 1010 (FTD) Initial Setup
Cisco FTD: AMP/URL Filtering/Threat Detection and AVC
Site to Site VPN
Remote Access VPN
Cisco FTD Remote Access VPN (AnyConnect)
Cisco FTD (and ASA) Creating AnyConnect Profiles
I will continue to add to this page but please be patient. (I’m juggling two jobs, and have a personal life!)
Related Articles, References, Credits, or External Links
I am working on FTD. Your blog is just awesome, it helped for few things.
I got FTD running with some missing features.
1. PPTP server behind FTD? On ASA code – “fixup proto pptp pptp” resolved it. But for FTD Code I can not find a working solution.
2. IPSEC tunnel is working OK. But there I have a double NAT on my side. On ASA all worked with:
nat (inside,outside) source static localLAN localNATLAN destination static remoteLAN remoteLAN
access-list outside_cryptomap extended permit ip object localNATLAN object remoteLAN
On FTD remoteLAN can not access services on localNATLAN translated servers. Adding ACL allowing viceversa traffic cant resolve the issue.
Any advice, please?
FDM 1010 – DHCP : where is option for reservation by mac address please ?
Thanks you for return
Sorry I do not know