Quick-Guide, Subinterfaces with VLAN tagging on FMC..
So today i saw a question on the Cisco Community, regarding using VLANs on the vFMC. Creating a subinterface and using vlans on the Firepower Management Center can't be done from the GUI.
However, this can be achieved from the cli fairly easy..
First of all, connect to your FMC via SSH or the Console and issue the following command to add the subinterface:
# in this case i will be using eth0 as the physical if
ip link add link eth0 eth0.100 type vlan proto 802.1Q id 100
Now to make sure the eth0.100 is tagget with 802.1q id 100 tag use the following command:
ip -d link show eth0.100
The output should look somthing like this (without the colours, my boss loves this):
And from the GUI:
This is tested on a FMCv version 6.2.3.2 but i guess this will be the same on a FMC 1000 etc.
Bonus... To change the default management interface from the command line, edit the following file:
vi /etc/sf/interfaces.conf
# Find the following line:
MANAGEMENT=eth0
# and change i to
MANAGEMENT=eth1
Now run the setup script once again:
/usr/local/sf/bin/configure-network
The default management interface will now be eth1.
#!#! I will add a startup script for this later, atm you need to run the script on every boot !#!#
Please like and share the post if you found it useful.
Technical Consulting Engineer - Routing and Switching - Network Security - Cloud
3 年Crisp and clear
Network Architect | CCIE-DC 52006 | TOGAF | Cloud & Infrastructure | Cisco ACI | MBA Leadership | Masters Degree |
5 年Hey Nikolaj... I think FMC 6.3 onwards supports sub-interface ??