Setting static IPv4: 10.89.5.17 netmask: 255.255.255.192 gateway: data on management0
Updating routing tables, please wait...
All configurations applied to the system. Took 3 Seconds.
Saving a copy of running network configuration to local disk.
For HTTP Proxy configuration, run 'configure network http-proxy'
Manage the device locally? (yes/no) [yes]: no
DHCP server is already disabled
DHCP Server Disabled
Configure firewall mode? (routed/transparent) [routed]:
Configuring firewall mode ...
Device is in OffBox mode - disabling/removing port 443 from iptables.
Update policy deployment information
- add device configuration
- add network discovery
- add system policy
You can register the sensor to a Firepower Management Center and use the
Firepower Management Center to manage it. Note that registering the sensor
to a Firepower Management Center disables on-sensor Firepower Services
management capabilities.
When registering the sensor to a Firepower Management Center, a unique
alphanumeric registration key is always required. In most cases, to register
a sensor to a Firepower Management Center, you must provide the hostname or
the IP address along with the registration key.
'configure manager add [hostname | ip address ] [registration key ]'
However, if the sensor and the Firepower Management Center are separated by a
NAT device, you must enter a unique NAT ID, along with the unique registration
key.
'configure manager add DONTRESOLVE [registration key ] [ NAT ID ]'
Later, using the web interface on the Firepower Management Center, you must
use the same registration key and, if necessary, the same NAT ID when you add
this sensor to the Firepower Management Center.
>
Step 6 Configure the outside interface for manager access.
configure network management-data-interface
You are then prompted to configure basic network settings for the outside interface. See the following details
for using this command:
• The Management interface cannot use DHCP if you want to use a data interface for management. If you
did not set the IP address manually during initial setup, you can set it beforehand using the configure
network {ipv4 | ipv6} manual command. If you did not already set the Management interface gateway
to data-interfaces, this command will set it now.
• When you add the threat defense to the management center, the management center discovers and
maintains the interface configuration, including the following settings: interface name and IP address,
static route to the gateway, DNS servers, and DDNS server. For more information about the DNS server
configuration, see below. In the management center, you can later make changes to the manager access
interface configuration, but make sure you don't make changes that can prevent the threat defense or the
management center from re-establishing the management connection. If the management connection is
disrupted, the threat defense includes the configure policy rollback command to restore the previous
deployment.
Cisco Firepower 2100 Getting Started Guide
63
Threat Defense Deployment with a Remote Management Center
Pre-Configuration Using the CLI
To Next Page
Loading...
Need help?
General