use the 'client' option in the command 'configure network management-data-interface'.
Setting IPv4 network configuration.
Network settings changed.
>
Example:
> configure network management-data-interface
Data interface to use for management: ethernet1/1
Specify a name for the interface [outside]: internet
IP address (manual / dhcp) [dhcp]: manual
IPv4/IPv6 address: 10.10.6.7
Netmask/IPv6 Prefix: 255.255.255.0
Default Gateway: 10.10.6.1
Comma-separated list of DNS servers [none]: 208.67.222.222,208.67.220.220
DDNS server update URL [none]:
Do you wish to clear all the device configuration before applying ? (y/n) [n]:
Configuration done with option to allow FMC access from any network, if you wish to change
the FMC access network
use the 'client' option in the command 'configure network management-data-interface'.
Setting IPv4 network configuration.
Network settings changed.
>
Step 7 (Optional) Limit data interface access to an FMC on a specific network.
configure network management-data-interface client ip_address netmask
By default, all networks are allowed.
Step 8 Identify the FMC that will manage this FTD.
configure manager add {hostname | IPv4_address | IPv6_address | DONTRESOLVE} reg_key [nat_id]
• {hostname | IPv4_address | IPv6_address | DONTRESOLVE}—Specifies either the FQDN or IP address
of the FMC. If the FMC is not directly addressable, use DONTRESOLVE. At least one of the devices,
either the FMC or the FTD, must have a reachable IP address to establish the two-way, SSL-encrypted
communication channel between the two devices. If you specify DONTRESOLVE in this command,
then the FTD must have a reachable IP address or hostname.
• reg_key—Specifies a one-time registration key of your choice that you will also specify on the FMC
when you register the FTD. The registration key must not exceed 37 characters. Valid characters include
alphanumerical characters (A–Z, a–z, 0–9) and the hyphen (-).
• nat_id—Specifies a unique, one-time string of your choice that you will also specify on the FMC. When
you use a data interface for management, then you must specify the NAT ID on both the FTD and FMC
for registration. The NAT ID must not exceed 37 characters. Valid characters include alphanumerical
characters (A–Z, a–z, 0–9) and the hyphen (-). This ID cannot be used for any other devices registering
to the FMC.
Example:
> configure manager add fmc-1.example.com regk3y78 natid56
Manager successfully configured.
Cisco Firepower 1100 Getting Started Guide
125
Firepower Threat Defense Deployment with a Remote FMC
Central Administrator Pre-Configuration Using the CLI
To Next Page
Loading...
Need help?
General