5-4
Firepower 7000 and 8000 Series Installation Guide
Chapter 5 Setting Up Firepower Managed Devices
Performing Initial Setup on a Firepower Device Using the CLI
This password allows the admin user to log into the device’s web interface and its CLI; the admin user
has Configuration CLI access. Changing any user’s password for the web interface also changes the
password for the CLI, and vice versa.
Cisco recommends that you use strong password that is at least eight alphanumeric characters of mixed
case and includes at least one numeric character. Avoid using words that appear in a dictionary. For more
information, see Change Password, page 5-6.
Step 4 Configure network settings for the device.
First configure (or disable) IPv4 management settings, then IPv6. If you manually specify network
settings, you must:
• enter IPv4 addresses, including the netmask, in dotted decimal form. For example, you could specify
a netmask of 255.255.0.0.
• enter IPv6 addresses in colon-separated hexadecimal form. For an IPv6 prefix, specify the number
of bits; for example, a prefix length of 112.
For more information, see Network Settings, page 5-6. The console may display messages as your
settings are implemented.
Step 5 Select whether you want to allow changing of the device’s network settings using the LCD panel.
Caution Enabling this option can present a security risk. You need only physical access, not authentication, to
configure network settings using the LCD panel. For more information, see Using the LCD Panel on a
Firepower Device, page 6-1.
Step 6 Specify the detection mode based on how you deployed the device.
For more information, see Detection Mode, page 5-8. The console may display messages as your settings
are implemented. When finished, the device reminds you to register this device to a Firepower
Management Center, and displays the CLI prompt.
Step 7 To use the CLI to register the device to the Firepower Management Center that will manage it, continue
with the next section, Registering a Firepower Device to a Management Center Using the CLI.
You must manage devices with a Firepower Management Center. If you do not register the device now,
you must log in later and register it before you can add it to a Firepower Management Center.
Step 8 Log out of the device.
Registering a Firepower Device to a Management Center Using the CLI
Access: Configuration CLI
If you configured a Firepower device using the CLI, Cisco recommends that you use the CLI to register
the device to a Firepower Management Center at the conclusion of the setup script. It is easiest to register
a device to its Firepower Management Center during the initial setup process, because you are already
logged into the device’s CLI.
To register a device, use the
configure manager add command. A unique alphanumeric registration key
is always required to register a device to a Firepower Management Center. This is a simple key that you
specify, up to 37 characters in length, and is not the same as a license key.
In most cases, you must provide the Firepower Management Center’s hostname or the IP address along
with the registration key, for example:
To Next Page
Loading...
