For more troubleshooting information, see https://cisco.com/go/fmc-reg-error.
Configure a Basic Security Policy
This section describes how to configure a basic security policy with the following settings:
• Inside and outside interfaces—Assign a static IP address to the inside interface. You configured basic
settings for the outside interface as part of the manager access setup, but you still need to assign it to a
security zone.
• DHCP server—Use a DHCP server on the inside interface for clients.
• NAT—Use interface PAT on the outside interface.
• Access control—Allow traffic from inside to outside.
• SSH—Enable SSH on the manager access interface.
Configure Interfaces
Add the VLAN1 interface for the switch ports or convert switch ports to firewall interfaces, assign interfaces
to security zones, and set the IP addresses. Typically, you must configure at least a minimum of two interfaces
to have a system that passes meaningful traffic. Normally, you would have an outside interface that faces the
upstream router or internet, and one or more inside interfaces for your organization’s networks. By default,
Ethernet1/1 is a regular firewall interface that you can use for outside, and the remaining interfaces are switch
ports on VLAN 1; after you add the VLAN1 interface, you can make it your inside interface. You can
alternatively assign switch ports to other VLANs, or convert switch ports to firewall interfaces.
A typical edge-routing situation is to obtain the outside interface address through DHCP from your ISP, while
you define static addresses on the inside interfaces.
The following example configures a routed mode inside interface (VLAN1) with a static address and a routed
mode outside interface using DHCP (Ethernet1/1).
Procedure
Step 1 Choose Devices > Device Management, and click the Edit ( ) for the device.
Step 2 Click Interfaces.
Cisco Firepower 1010 Getting Started Guide
69
Threat Defense Deployment with a Remote Management Center
Configure a Basic Security Policy
To Next Page
Loading...
Need help?
General
