Configure Interfaces
Enable the threat defense interfaces, assign them to security zones, and set the IP addresses. Typically, you
must configure at least a minimum of two interfaces to have a system that passes meaningful traffic. Normally,
you would have an outside interface that faces the upstream router or internet, and one or more inside interfaces
for your organization’s networks. Some of these interfaces might be “demilitarized zones” (DMZs), where
you place publically-accessible assets such as your web server.
A typical edge-routing situation is to obtain the outside interface address through DHCP from your ISP, while
you define static addresses on the inside interfaces.
The following example configures a routed mode inside interface with a static address and a routed mode
outside interface using DHCP.
Procedure
Step 1
Choose
Devices
>
Device Management
, and click the
Edit
(
) for the firewall.
Step 2
Click
Interfaces
.
Step 3
Click
Edit
(
) for the interface that you want to use for
inside
.
The
General
tab appears.
Cisco Firepower 1100 Getting Started Guide
138
Threat Defense Deployment with CDO
Configure Interfaces