Advertisement
Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
To establish the connection between the management center and one of its managed devices, you need the IP
address of at least one of the devices: the management center or the managed device. We recommend using
both IP addresses if available. However, you may only know one IP address. For example, managed devices
may be using private addresses behind NAT, so you only know the management center address. In this case
you can specify the management center address on the managed device plus a one-time, unique password of
your choice called a NAT ID. On the management center, you specify the same NAT ID to identify the
managed device.
The initial setup and configuration process described in this document assumes the management center will
have internet access. If you are deploying the management center in an air-gapped environment, see the
Secure Firewall Management Center Administration Guide
use to support certain features such as configuring a proxy for HTTP communications, or using a Smart
Software Satellite Server for Smart Licensing. In a deployment where the management center has internet
access, you can upload updates for system software, as well as the Vulnerability Database (VDB), Geolocation
Database (GEoDB), and intrusion rules directly to the management center from an internet connection. But
if the management center does not have internet access, the management center can upload these updates from
a local computer that has previously downloaded them from the internet. Additionally, in an air-gapped
deployment you might use the management center to serve time to devices in your deployment.
Initial Network Configuration for management centers Using Versions 6.3 - 6.4 :
• Management Interface
• DNS Server(s)
• NTP Server(s)
End to End Procedure to Install the Management Center to Run Software Versions 6.3 - 6.4
See the following tasks to deploy and configure the management center that will run Versions 6.3 - 6.4.
End to End Procedure to Install the Management Center to Run Software Versions 6.3 - 6.4
The management center interface (eth0) uses the default IPv4 address 192.168.45.45, netmask
255.255.255.0, and gateway 192.168.45.1. During initial setup you can accept these defaults or specify
different values.
If you choose to use IPv6 addressing for the management interface, you have the option of using router
autoconfiguration, or you must provide the IPv6 address, prefix length, and gateway. If your network
uses DNS, during initial configuration you can provide a hostname to identify the management center.
If your network uses DNS you can specify the IP addresses for up to three DNS servers during initial
configuration. If you are using an evaluation license you may choose not to use DNS. (During initial
configuration you can also provide a hostname and domain to faciliate communications between the
management center and other hosts through DNS; you can configure additional domains after completing
intial setup.)
Synchronizing the system time on your management center and its managed devices is essential to
successful operation of your System. Configuring time synchronization is not required on initial setup,
but we recommend that you configure your management center to use trusted NTP servers. During initial
setup you will need the host names or IP addresses of those NTP servers.
Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
for your version for alternative methods you can
Cisco
21
Advertisement
