Advertisement
Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide
• If your environment uses DNS, note the hostname that resolves to a valid IP address for the device. If
your environment uses DHCP to assign IP addresses, use a host name to identify the device rather than
an IP address.
• If your environment does not use DNS, you need the IP address for the device.
• Determine what license(s) are needed for the managed device and add them to the FMC; you will add
the license(s) to the managed device during the process of adding it to the FMC. See
Licensing, on page 31
• You must assign an access control policy to the managed device in the course of adding it to the FMC.
The instructions below include a procedure to establish a basic access control policy for this purpose.
Procedure
Step 1
Choose Devices > Device Management > Add > Add Device.
Step 2
In the Host field, enter the IP address or the hostname of the device to add.
The hostname of the device is the fully qualified name or the name that resolves through the local DNS to a
valid IP address. Use a hostname rather than an IP address if your network uses DHCP to assign IP addresses.
In a NAT environment, you may not need to spedify the IP address or hostname of the device, if you already
specified the IP address or hostname of the FMC when you configured the device to be managed by the FMC.
Step 3
In the Display Name field, enter a name for the device as you want it to appear in the FMC web interface.
Step 4
In the Registration Key field, enter the same regstration key that you used when you configured the device
to be managed by the FMC. (This registration key is a one-time-use shared secret that you made up when you
originally identified this FMC on the device.)
Step 5
Choose an initial Access Control Policy. Unless you already have a customized policy you know you need
to use, choose Create new policy, and choose Block all traffic. You can change this later to allow traffic;
see the
If the device is incompatible with the policy you choose, deploying will fail. This incompatibility could occur
for multiple reasons, including licensing mismatches, model restrictions, passive vs inline issues, and other
misconfigurations. See the
information. After you resolve the issue that caused the failure, manually deploy configurations to the device.
Step 6
Choose licenses to apply to the device.
For classic devices, note that Control, Malware, and URL Filtering licenses require a Protection license.
Step 7
If you used a NAT ID during device setup, expand the Advanced section and enter the same NAT ID in the
Unique NAT ID field.
Step 8
Click Register.
It may take up to two minutes for the FMC to verify the device's heartbeat and establish communication.
and
Configure Classic Licensing, on page
Firepower Management Center Configuration Guide
Firepower Management Center Configuration Guide
Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide
Add Managed Devices to the FMC
33.
for your version for more information.
for your version for more
Configure Smart
39
Advertisement
