Cisco Firepower 2100 Series Getting Started Manual page 58

Firepower 2100 Appliance Mode Default Configuration
Firepower 2100 Appliance Mode Default Configuration
The Firepower 2100 runs in Appliance mode by default.
Note For pre-9.13(1) versions, Platform mode was the default and only option. If you upgrade from Platform mode,
Platform mode is maintained.
The default factory configuration for the Firepower 2100 in Appliance mode configures the following:
• inside→outside traffic flow—Ethernet 1/1 (outside), Ethernet 1/2 (inside)
• outside IP address from DHCP, inside IP address—192.168.1.1
• management IP address from DHCP—Management 1/1 (management)
• DHCP server on inside interface
• Default routes from outside DHCP, management DHCP
• ASDM access—Management and inside hosts allowed. Inside hosts are limited to the 192.168.1.0/24
• NAT—Interface PAT for all traffic from inside to outside.
• DNS servers—OpenDNS servers are pre-configured.
The configuration consists of the following commands:
interface Management1/1
management-only
nameif management
security-level 100
ip address dhcp setroute
no shutdown
!
interface Ethernet1/1
nameif outside
security-level 0
ip address dhcp setroute
no shutdown
!
interface Ethernet1/2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
no shutdown
!
object network obj_any
subnet 0.0.0.0 0.0.0.0
nat (any,outside) dynamic interface
!
http server enable
http 0.0.0.0 0.0.0.0 management
http 192.168.1.0 255.255.255.0 management
!
dhcpd auto_config outside
dhcpd address 192.168.1.20-192.168.1.254 inside
dhcpd enable inside
Cisco Firepower 2100 Getting Started Guide
56
network.
ASA Deployment in Appliance Mode