System initialization in progress.
Please stand by.
You must change the password for 'admin' to continue.
Enter new password:
********
Confirm new password:
********
You must configure the network to continue.
You must configure at least one of IPv4 or IPv6.
Do you want to configure IPv4? (y/n) [y]:
Do you want to configure IPv6? (y/n) [n]:
Configure IPv4 via DHCP or manually? (dhcp/manual) [manual]:
Enter an IPv4 address for the management interface [192.168.45.45]:
10.10.10.15
Enter an IPv4 netmask for the management interface [255.255.255.0]:
255.255.255.192
Enter the IPv4 default gateway for the management interface [data-interfaces]:
Enter a fully qualified hostname for this system [firepower]:
ftd-1.cisco.com
Enter a comma-separated list of DNS servers or 'none' [208.67.222.222,208.67.220.220]:
Enter a comma-separated list of search domains or 'none' []:
If your networking information has changed, you will need to reconnect.
For HTTP Proxy configuration, run 'configure network http-proxy'
Manage the device locally? (yes/no) [yes]:
no
Configure firewall mode? (routed/transparent) [routed]:
Configuring firewall mode ...
Update policy deployment information
- add device configuration
- add network discovery
- add system policy
You can register the sensor to a Firepower Management Center and use the
Firepower Management Center to manage it. Note that registering the sensor
to a Firepower Management Center disables on-sensor Firepower Services
management capabilities.
When registering the sensor to a Firepower Management Center, a unique
alphanumeric registration key is always required.
In most cases, to register
a sensor to a Firepower Management Center, you must provide the hostname or
the IP address along with the registration key.
'configure manager add [hostname | ip address ] [registration key ]'
However, if the sensor and the Firepower Management Center are separated by a
NAT device, you must enter a unique NAT ID, along with the unique registration
key.
'configure manager add DONTRESOLVE [registration key ] [ NAT ID ]'
Later, using the web interface on the Firepower Management Center, you must
use the same registration key and, if necessary, the same NAT ID when you add
this sensor to the Firepower Management Center.
>
Step 5
Configure the outside interface for manager access.
configure network management-data-interface
You are then prompted to configure basic network settings for the outside interface. See the following details
for using this command:
• The Management interface cannot use DHCP if you want to use a data interface for management. If you
did not set the IP address manually during initial setup, you can set it now using the
configure network
{
ipv4
|
ipv6
}
manual
command. If you did not already set the Management interface gateway to
data-interfaces
, this command will set it now.
• When you add the threat defense to CDO, CDO discovers and maintains the interface configuration,
including the following settings: interface name and IP address, static route to the gateway, DNS servers,
Cisco Firepower 1100 Getting Started Guide
130
Threat Defense Deployment with CDO
Perform Initial Configuration Using the CLI