Cisco FTDv
Cisco FTDv is identified with the cisco_ftdv kind in the topology file. It is built using the vrnetlab project and is essentially a QEMU VM packaged in a docker container format.
Managing FTDv nodes
Note
Containers with Cisco FTDv inside will take ~1-2 min to fully boot.
You can monitor the progress with docker logs -f <container-name>.
A Cisco FTDv node launched with containerlab can be managed via the following interfaces:
serial port (console) is exposed over TCP port 5000:
You can also connect to the container and use telnet localhost 5000 if telnet is not available on your container host.
HTTPS server is running over port 443 -- connect with any browser normally.
Info
Default user credentials: admin:Admin@123
Interface naming
You can use interface names in the topology file as they appear in Cisco FTDv.
The interface naming convention is: GigabitEthernet0/X (or GiX), where X is the port number.
With that naming convention in mind:
Gi0 - first data port available
Gi1 - second data port, and so on...
Note
Data port numbering starts at 0.
The example ports above would be mapped to the following Linux interfaces inside the container running the Cisco FTDv VM:
eth0 - management interface connected to the containerlab management network (rendered as Management0/0 in the CLI)
eth1 - first data interface, mapped to the first data port of the VM (rendered as GigabitEthernet0/0)
eth2+ - second and subsequent data interfaces, mapped to the second and subsequent data ports of the VM (rendered as GigabitEthernet0/1 and so on)
When containerlab launches a Cisco FTDv node, the Management0/0 interface of the VM gets assigned the 10.0.0.15/24 address from the QEMU DHCP server. This interface is transparently stitched with the container's eth0 interface such that users can reach the management plane of the Cisco FTDv using containerlab's assigned IP.
Data interfaces GigabitEthernet2+ need to be configured with IP addressing manually using Web UI or other available management interfaces.
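The interface mapping described above can be checked before deploying a lab. The following is an added example, not code from containerlab or vrnetlab: it resolves FTDv endpoint names to the Linux interface and the name shown in the FTDv CLI, and rejects eth0 and duplicate data ports. The function names, the node names and the choice to treat names as case-sensitive are assumptions of this example.

```python
import re

# Naming convention from this page: GigabitEthernet0/X or GiX, X = data port number from 0.
ALIAS = re.compile(r"^(?:GigabitEthernet0/|Gi)(\d+)$")
LINUX = re.compile(r"^eth(\d+)$")


def resolve_ftdv_interface(name):
    """Return (linux_ifname, ftdv_cli_name) for an FTDv data interface name."""
    m = ALIAS.match(name)
    if m:
        port = int(m.group(1))
    else:
        m = LINUX.match(name)
        if not m:
            raise ValueError(f"unrecognised FTDv interface name: {name!r}")
        if int(m.group(1)) == 0:
            # eth0 is the management interface (Management0/0), not a data port.
            raise ValueError("eth0 is the management interface, not a data port")
        port = int(m.group(1)) - 1
    # Data port X sits behind Linux interface eth(X+1).
    return f"eth{port + 1}", f"GigabitEthernet0/{port}"


def check_endpoints(node, endpoints):
    """Resolve the 'node:iface' endpoints of one FTDv node, rejecting duplicates."""
    resolved, owner = {}, {}
    for endpoint in endpoints:
        ep_node, _, iface = endpoint.partition(":")
        if ep_node != node:
            continue  # endpoint belongs to another node
        linux, cli = resolve_ftdv_interface(iface)
        if linux in owner:
            raise ValueError(f"{endpoint} and {owner[linux]} both map to {linux}")
        owner[linux] = endpoint
        resolved[endpoint] = (linux, cli)
    return resolved


if __name__ == "__main__":
    # Constructed sample endpoints; "ftdv1", "client1" and "client2" are hypothetical node names.
    sample = ["ftdv1:Gi0", "client1:eth1", "ftdv1:GigabitEthernet0/1", "client2:eth1"]
    for endpoint, (linux, cli) in check_endpoints("ftdv1", sample).items():
        print(f"{endpoint:28} -> {linux:5} ({cli})")
```

Catching an alias and an ethN name that resolve to the same port matters here because both forms are valid on their own and the collision only shows up after the offset is applied.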
Features and options
Node configuration
Cisco FTDv nodes come up with a basic configuration where only the management interface and a default user are provisioned.
Nodes are configured for local management with Firepower Device Management (FDM) On-Box management service. FDM is available via HTTPS and takes a few minutes to come up after node boot up.
Lab examples
The following simple lab consists of two Linux hosts connected via one FTDv node: