Special Case: Connecting Firepower 8000 Series Devices - Cisco AMP8050 Hardware Installation

Firepower 8000 series

Hide thumbs Also See for AMP8050:

Installation manual (204 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

page of 134

/ 134
Contents
Table of Contents
Bookmarks

Table of Contents

Connecting Devices to Your Network

Figure 6-1

The following table indicates where you should use crossover or straight-through cables in your

hardware bypass configurations. Note that a Layer 2 port functions as a straight-through (MDI) endpoint

in the deployment, and a Layer 3 port functions as a crossover (MDIX) endpoint in the deployment. The

total crossovers (cables and appliances) should be an odd number for bypass to function properly.

Table 6-1

Endpoint 1

MDIX

MDI

MDIX

MDI

MDIX

Note that every network environment is likely to be unique, with endpoints that have different

combinations of support for Auto-MDI-X. The easiest way to confirm that you are installing your device

with the correct cabling is to begin by connecting the device to its two endpoints using one crossover

cable and one straight-through cable, but with the device powered down. Ensure that the two endpoints

can communicate. If they cannot communicate, then one of the cables is the incorrect type. Switch one

(and only one) of the cables to the other type, either straight-through or crossover.

After the two endpoints can successfully communicate with the inline device powered down, power up

the device. The Auto-MDI-X feature ensures that the two endpoints will continue to communicate. Note

that if you have to replace an inline device, you should repeat the process of ensuring that the endpoints

can communicate with the new device powered down to protect against the case where the original

device and its replacement have different bypass characteristics.

The Auto-MDI-X setting functions correctly only if you allow the network interfaces to auto-negotiate.

If your network environment requires that you turn off the Auto Negotiate option on the Network

Interface page, then you must specify the correct MDI/MDIX option for your inline network interfaces.

See Configuring Inline Interfaces in the Firepower Management Center Configuration Guide for more

information.

Special Case: Connecting Firepower 8000 Series Devices

When you register a Firepower 8000 Series managed device to your Firepower Management Center, you

must either use auto-negotiation on both sides of the connection, or set both sides to the same static speed

to ensure a stable network link. 8000 Series managed devices do not support half duplex network links;

they also do not support differences in speed or duplex configurations at opposite ends of a connection.

Firepower 8000 Series Hardware Installation Guide

6-6

Crossover Bypass Connection Cabling

Valid Configurations for Hardware Bypass

Cable

Managed Device

straight-through

crossover

straight-through

crossover

straight-through

crossover

Chapter 6

Deploying Firepower Managed Devices

Cable

Endpoint 2

straight-through

MDI

straight-through

MDI

crossover

MDI

straight-through

MDIX

straight-through

MDIX

straight-through

MDI

crossover

MDI

straight-through

MDI

Table of Contents

This manual is also suitable for:

Amp8140 Amp8150 Amp8120 Amp8250 Amp8260 Amp8270 ... Show all

Special Case: Connecting Firepower 8000 Series Devices - Cisco AMP8050 Hardware Installation

Special Case: Connecting Firepower 8000 Series Devices

Related Manuals for Cisco AMP8050

Related Content for Cisco AMP8050

This manual is also suitable for:

Table of Contents