Skip to main content

 

 

Cisco Defense Orchestrator

Assign a Firepower Interface to a Security Zone

Before you Begin

An interface has the following limitations when adding a security zone:

  • The interface must have a name.
  • The interface cannot be management-only. This option is enabled and disabled from the Advanced tab of the interface. 
  • You cannot assign a security zone to a bridge group interface.
  • You cannot assign a security zone to an interface configured for switchport mode. 

Assign a Firepower Interface to a Security Zone

Use the following procedure to associate a security zone to an existing interface:

  1. Log into CDO. 
  2. In the navigation pane, click Devices & Services
  3. Select the FTD you want to modify. In the Management Pane located to the right, click Interfaces
  4. Select the interface you want to add a security zone to and click  edit.pngEdit.
  5. Use the Security Zone drop-down menu and select the security zone you want associated with this interface. 

Note: If need to, ceate a new security zone from this drop-down menu by clicking Create New

  1. Click Save
  2. Deploy Configuration Changes from CDO to FTD

Related Articles:

  • Was this article helpful?