Configure A Basic Security Policy - Cisco Firepower 1010 Getting Started Manual


• Smart Licensing—Assign the Smart Licenses you need for the features you want to deploy: Malware (if you intend to use AMP malware inspection), Threat (if you intend to use intrusion prevention), and URL (if you intend to implement category-based URL filtering). Note: You can apply an AnyConnect remote access VPN license after you add the device, from the System > Licenses > Smart Licenses page.
• Unique NAT ID—Specify the NAT ID that you specified in the FTD initial configuration.
• Transfer Packets—Allow the device to transfer packets to the FMC. When events like IPS or Snort are triggered with this option enabled, the device sends event metadata information and packet data to the FMC for inspection. If you disable it, only event information will be sent to the FMC, but packet data is not sent.
Step 3
Click Register, and confirm a successful registration.
If the registration succeeds, the device is added to the list. If it fails, you will see an error message. If the FTD fails to register, check the following items:
• Ping—Access the FTD CLI, and ping the FMC IP address using the following command:
  ping system ip_address
  If the ping is not successful, check your network settings using the show network command. If you need to change the FTD Management IP address, use the configure network {ipv4 | ipv6} manual command. If you configured a data interface for management, use the configure network management-data-interface command.
• Registration key, NAT ID, and FMC IP address—Make sure you are using the same registration key, and if used, NAT ID, on both devices. You can set the registration key and NAT ID on the FTD using the configure manager add command.
For more troubleshooting information, see https://cisco.com/go/fmc-reg-error.
Configure a Basic Security Policy
This section describes how to configure a basic security policy with the following settings:
• Inside and outside interfaces—Assign a static IP address to the inside interface, and use DHCP for the outside interface.
• DHCP server—Use a DHCP server on the inside interface for clients.
Firepower Threat Defense Deployment with FMC
