Cisco Part Number: FPR4K-NM-6X10LR-F= is a Cisco Firepower 6-port 10G LR FTW Network Module, spare
FPR4K-NM-6X10LR-F= is a single-wide module that does not support hot swapping. The six ports are numbered from top to bottom, left to right. Pair ports 1 and 2, 3 and 4, and 5 and 6 to form hardware bypass paired sets.
Hardware Bypass Network Modules
Hardware bypass, also known as fail-to-wire, is a physical layer (Layer 1) feature that enables paired interfaces to enter bypass mode. In this mode, the hardware directly forwards packets between paired ports without requiring software intervention. This functionality ensures network connectivity during software or hardware failures, making it particularly useful for ports where the Firepower security appliance is solely monitoring or logging traffic. These hardware bypass network modules include an optical switch that can connect the two ports as needed, and they come with built-in SFPs.
Hardware bypass is supported only on specific port pairs. For instance, you can pair Port 1 with Port 2 or Port 3 with Port 4, but not Port 1 with Port 4.
There are three configuration options for hardware bypass network modules:
Passive Interfaces: Connect cables to a single port for each network segment you wish to monitor passively. This setup operates like non-hardware bypass network modules.
Inline Interfaces: Connect cables to any two similar ports (e.g., 10 Gb to 10 Gb) on the same network module, across different modules, or on fixed ports. This configuration is for inline monitoring of network segments.
Inline with Hardware Bypass Interfaces: Connect cables to a hardware bypass paired set for each network segment you want to configure inline with fail-open. For 40-Gb network modules, the two ports form a paired set. For 1/10-Gb network modules, connect the top port to the bottom port to establish a hardware bypass paired set. This setup ensures traffic flow even if the security appliance fails or loses power.