Assign an FDM-Managed Device Interface to a Security Zone
Before you Begin
An interface has the following limitations when adding a security zone:
-
The interface must have a name.
-
The interface cannot be management-only. This option is enabled and disabled from the Advanced tab of the interface.
-
You cannot assign a security zone to a bridge group interface.
-
You cannot assign a security zone to an interface configured for switchport mode.
-
Security Cloud Control does not currently support the management, monitoring, or use of Virtual Tunnel Interface (VTI) tunnels on ASA or FDM-managed devices. Devices with configured VTI tunnels can be onboarded to Security Cloud Control but it ignores VTI interfaces. If a security zone or static route references a VTI, Security Cloud Control reads the security zone and static route without the VTI reference. Security Cloud Control support for VTI tunnels is coming soon.