In this tutorial I am going to show you how to deploy FTDv in KVM.
The minimum system requirements for deploying FTDv are 4vCPU and 8GB RAM (Default).
You will need to have at least 4 interfaces to successfully boot up.
Create a shell script to run the setup from the console. You can also use the virt-manager to deploy FTDv.
Below is the sample script to install the FTDv.
- Change the –name=<VM name> to the name that you want for your environment.
- Change the <filename.qcow2> to your actual file name.
- Change the <port> to a tcp port that you are not currently using
- If you have not created the additional bridge you can use the default bridge first for the interfaces and change them later.
sudo nano install_ftdv.shsudo virt-install \
--connect=qemu:///system \
--network network=default,model=virtio \
--network network=default,model=virtio \
--network network=default,model=virtio \
--network network=default,model=virtio \
--name=<VM name> \
--arch=x86_64 \
--cpu host \
--vcpus=4 \
--ram=8192 \
--osinfo=generic \
--virt-type=kvm \
--import \
--watchdog i6300esb,action=reset \
--disk path=<filename.qcow2>,format=qcow2,device=disk,bus=virtio,cache=none \
--disk path==<day0_filename>.iso,format=iso,device=cdrom \
--console pty,target_type=serial \
--serial tcp,host=127.0.0.1:<port>,mode=bind,protocol=telnet \
--force
It takes about 10 mins for the FTDv to fully deploy as it goes through the provisioning and checks.
You will not be able to enter the command in the GUI if you have not done any customization to your KVM.
You will need to telnet to the port you have specified to see the boot up process.
Once that is done you can use the virsh CLI or virt-manager to modify the settings.
Deploy FTDv using virt-manager GUI
- Start virt-manager from the Deskop GUI.
- Using the Virtual Machine Manager select create New VM
- Select import existing disk image
- Load the Disk Image and choose OS type Generic.
- Configure the memory and CPU.
- Check the Customize configuration before install box. Give the VM a name and click Finish.
- Give the VM a name and select IDE Disk 1. Select Yes when prompted to apply change.
- Select virtio as the Disk bus: If you are using an older version of the KVM you will need to specific the storage format as qcow2.
- Add 3 more network interface
Take note of the nic network source it should mapped to the below interfaces.
For the initial deployment it is Important to make sure vnic0, vnic1 and vnic3 are in the same subnet.
vnic0—Management interface (required)
vnic1—Diagnostic interface (required)
vnic2— Outside interface (required)
vnic3—Inside interface (required)
vnic4-9—Data interfaces (optional)
- Add a watchdog service to reset the KVM guest if it hangs or crash.
Important if you have configure the Virt-manager to be able to select telnet for your serial connection then you can do that using the drop down box.
If you are not able to do that from the drop down menu then you need to edit the XML file and add in the serial configuration manually.
Add a new serial hardware and edit the XML. Change the service=’2445′ to a port that is not in use in your system.
<serial type='tcp'>
<source mode='bind' host='127.0.0.1' service='16677' tls="no"/>
<protocol type='telnet'/>
<target port='0'/> </serial>
Click on install to continue.
Then open a console and telnet to the port that you have configure. In my case I am using port 16677. You should see the boot up process from the telnet console.
It should take less than 10 mins to complete the checks and provisioning. When you hit enter you should see the firepower login prompt.
You can check out the official Cisco document for more details on FTDv 7.3.
The default username and password for FTDv should be login name: admin password: Admin123
You will be prompted to change the password after you accepted the EULA and login for the first time.