Requirements and Prerequisites for Device Management using Device Templates

Model Support

Device templates are supported on On-Prem Management Center, cloud-delivered Firewall Management Center(cdFMC), with the following models running Secure Firewall version 7.4.1 and later versions:

• Firepower 1000 series

• Secure Firewall 1200 series

• Firepower 2100 series (7.4.x only)

• Secure Firewall 3100 series

Supported Domains

Any

User Roles

• To create, modify, or delete templates:

  • Admin

  • Network Admin

• To view the created templates:

  • Any

Prerequisites for VPN Connections in Device Templates

• Configure site-to-site VPN topologies that must be used in the device template.

• Ensure that you have configured all hub and VPN topology-related configurations such as authentication methods, IKE and IPsec policies.

• Supported types of VPN hub and spoke topologies are:

  • Policy-based

  • Route-based

  • SD-WAN

• Assign appropriate logical names and IP addresses to the interfaces of the threat defense devices. For example, use inside for the interface connected to the LAN, and outside for the interface connected to the internet or WAN.

• Spoke devices must be version 7.4.1 and later.

For guidelines and limitations on device management using device templates, see Guidelines and Limitations for Device Management using Device Templates.