7-9
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 7 ASA FirePOWER Module
Perform Initial ASA FirePOWER Setup
Access the ASA FirePOWER CLI
To access the ASA FirePOWER CLI, you can use one of the following methods.
Console Port
•
ASA 5585-X—This model includes a dedicated console port for the ASA FirePOWER module. Use
the supplied DB-9 to RJ-45 serial cable and/or your own USB serial adapter.
•
All other models—Connect to the ASA console port using the supplied DB-9 to RJ-45 serial cable
and/or your own USB serial adapter. The ASA 5506-X/5508-X/5516-X also has a mini-USB console
port. See the
for instructions on using the USB console port.
At the ASA CLI, session to the ASA FirePOWER module:
session sfr
See also
Session to the Software Module From the ASA, page 7-20
SSH
You can connect to the module default IP address (see
Defaults for ASA FirePOWER, page 7-6
) or you
can use the following ASA command to change the management IP address, and then connect using
SSH:
session
{
1
|
sfr
}
do setup host ip
ip_address
/
mask
,
gateway_ip
Use
1
for a hardware module,
sfr
for a software module.
Configure ASA FirePOWER Basic Settings
The first time you access the ASA FirePOWER module CLI, you are prompted for basic configuration
parameters. You must also add the module to the FireSIGHT Management Center (optional for the ASA
5506-X/5508-X/5516-X).
Procedure
Step 1
At the ASA FirePOWER CLI, log in with the username
admin
and the password
Sourcefire
.
Step 2
Complete the system configuration as prompted.
Use the following network settings for the ASA FirePOWER module for the recommended network
deployment (
Deploy the ASA FirePOWER Module in Your Network, page 7-7
):
•
Management interface: 192.168.1.2
•
Management subnet mask: 255.255.255.0
•
Gateway IP: 192.168.1.1
Step 3
(Optional for 5506-X/5508-X/5516-X) Register the ASA FirePOWER module to a FireSIGHT
Management Center:
>
configure manager add
{
hostname
|
IPv4_address
|
IPv6_address
|
DONTRESOLVE
}
reg_key
[
nat_id
]
where:
Summary of Contents for ASA 5508-X
Page 11: ...P A R T 1 Access Control ...
Page 12: ......
Page 157: ...P A R T 2 Network Address Translation ...
Page 158: ......
Page 233: ...P A R T 3 Service Policies and Application Inspection ...
Page 234: ......
Page 379: ...P A R T 4 Connection Management and Threat Detection ...
Page 380: ......