Advertisement
End to End Procedure to Install the Management Center for Versions 6.5 and Later
To establish the connection between the management center and one of its managed devices, you need the IP
address of at least one of the devices: the management center or the managed device. We recommend using
both IP addresses if available. However, you may only know one IP address. For example, managed devices
may be using private addresses behind NAT, so you only know the management center address. In this case
you can specify the management center address on the managed device plus a one-time, unique password of
your choice called a NAT ID. On the management center, you specify the same NAT ID to identify the
managed device.
The initial setup and configuration process described in this document assumes the management center will
have internet access. If you are deploying a management center in an air-gapped environment, see the
Secure Firewall Management Center Administration Guide
use to support certain features such as configuring a proxy for HTTP communications, or using a Smart
Software Satellite Server for Smart Licensing. In a deployment where the management center has internet
access, you can upload updates for system software, as well as the Vulnerability Database (VDB), Geolocation
Database (GEoDB), and intrusion rules directly to the management center from an internet connection. But
if the management center does not have internet access, the management center can upload these updates from
a local computer that has previously downloaded them from the internet. Additionally, in an air-gapped
deployment you might use the management center to serve time to devices in your deployment.
Initial Network Configuration for Management Centers Using Versions 6.5+:
• Management Interface
• DNS Server(s)
• NTP Server(s)
End to End Procedure to Install the Management Center for Versions 6.5 and Later
See the following tasks to deploy and configure a management center that will run Versions 6.5 and later.
Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
8
By default the management center seeks out a local DHCP server for the IP address, network mask, and
default gateway to use for the management interface (eth0). If the management center cannot reach a
DHCP server, it uses the default IPv4 address 192.168.45.45, netmask 255.255.255.0, and gateway
192.168.45.1. During initial setup you can accept these defaults or specify different values.
If you choose to use IPv6 addressing for the management interface, you must configure this through the
web interface after completing the initial setup.
Specify the IP addresses for up to two DNS servers. If you are using an evaluation license you may
choose not to use DNS. (During initial configuration you can also provide a hostname and domain to
faciliate communications between the management center and other hosts through DNS; you can configure
additional domains after completing intial setup.)
Synchronizing the system time on your management center and its managed devices is essential to
successful operation of your System; setting management center time synchronization is required during
initial configuration. You can accept the default (0.sourcefire.pool.ntp.org and 1.sourcefire.pool.ntp.org
as the primary and secondary NTP servers, respectively), or supply FQDNs or IP addresses for one or
two trusted NTP servers reachable from your network. (If you are not using DNS you may not use FQDNs
to specify NTP servers.)
Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
for your version for alternative methods you can
Cisco
Advertisement
