If you cannot use the default management IP address (for example, your management network does not include
a DHCP server), then you can connect to the console port and perform initial setup at the CLI, including
setting the Management IP address, gateway, and other basic networking settings.
If you need to change the inside IP address, you can do so after you complete initial setup in the device
manager. For example, you may need to change the inside IP address in the following circumstances:
• (7.0 and later) The inside IP address is 192.168.95.1. (6.7 and earlier) The inside IP address is 192.168.1.1.
If the outside interface tries to obtain an IP address on the 192.168.1.0 network, which is a common
default network, the DHCP lease will fail, and the outside interface will not obtain an IP address. This
problem occurs because the threat defense cannot have two interfaces on the same network. In this case
you must change the inside IP address to be on a new network.
• If you add the threat defense to an existing inside network, you will need to change the inside IP address
to be on the existing network.
Note
The following figure shows the default network deployment for the threat defense using the device manager
with the default configuration.
Figure 24: Suggested Network Deployment
For 6.7 and earlier, the Ethernet 1/2 inside IP address is 192.168.1.1.
For 6.5 and earlier, the Management 1/1 default IP address is 192.168.45.45.
Note
Cisco Firepower 1100 Getting Started Guide
86
Threat Defense Deployment with the Device Manager
Review the Network Deployment and Default Configuration
To Next Page
Loading...
Need help?
General