Cisco ASA 5506-X Configuration Manual page 357
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Chapter 16
ASA FirePOWER (SFR) Module
Procedure
Step 1
Do one of the following:
•
•
Log in with the username admin or another username that has the CLI configuration (Administrator)
Step 2
access level.
At the prompt, register the device to a FireSIGHT Management Center using the configure manager
Step 3
add command, which has the following syntax:
configure manager add {hostname | IPv4_address | IPv6_address | DONTRESOLVE} reg_key
[nat_id]
where:
•
•
•
Log into the FireSIGHT Management Center using an HTTPS connection in a browser, using the
Step 4
hostname or address entered above. For example, https://DC.example.com.
Use the Device Management (Devices > Device Management) page to add the device. For more
information, see the online help or the Managing Devices chapter in the FireSIGHT System User Guide.
Configure the Security Policy on the ASA FirePOWER Module
The security policy controls the services provided by the module, such as Next Generation IPS filtering
and application filtering.
You use FireSIGHT Management Center to configure the security policy on the module.
For the ASA 5506-X, you can alternatively use ASDM. However, you can never use both ASDM and
FireSIGHT Management Center, you must choose one or the other. If you configure a FireSIGHT
Management Center for the module, you must use the configured manager. If you do not configure a
manager, you must use ASDM.
There is no CLI for configuring the security policy.
(All models.) Use SSH to connect to the ASA FirePOWER management IP address.
(Software modules only.) Open a session to the module from the ASA CLI (see the "Getting Started"
chapter in the general operations configuration guide to access the ASA CLI). In multiple context
mode, session from the system execution space.
hostname# session sfr
{hostname | IPv4_address | IPv6_address | DONTRESOLVE} specifies either the fully qualified
host name or IP address of the FireSIGHT Management Center. If the FireSIGHT Management
Center is not directly addressable, use DONTRESOLVE.
reg_key is the unique alphanumeric registration key required to register a device to the FireSIGHT
Management Center.
nat_id is an optional alphanumeric string used during the registration process between the
FireSIGHT Management Center and the device. It is required if the hostname is set to
DONTRESOLVE.
Configure the ASA FirePOWER Module
Cisco ASA Series Firewall CLI Configuration Guide
16-17
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
