Cisco Firepower 1010 Getting Started Manual page 140

Hide thumbs Also See for Firepower 1010:

Getting started manual (190 pages)

Hardware installation manual (50 pages)

Getting started (42 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

Configure a Basic Security Policy

For more troubleshooting information, see https://cisco.com/go/fmc-reg-error.

Configure a Basic Security Policy

This section describes how to configure a basic security policy with the following settings:

• Inside and outside interfaces—Assign a static IP address to the inside interface, and use DHCP for the

• DHCP server—Use a DHCP server on the inside interface for clients.

• Default route—Add a default route through the outside interface.

• NAT—Use interface PAT on the outside interface.

• Access control—Allow traffic from inside to outside.

• SSH—Enable SSH on the FMC access interface.

To configure a basic security policy, complete the following tasks.

Configure Interfaces (6.5 and Later)

Add the VLAN1 interface for the switch ports or convert switch ports to firewall interfaces, assign interfaces

to security zones, and set the IP addresses. Typically, you must configure at least a minimum of two interfaces

to have a system that passes meaningful traffic. Normally, you would have an outside interface that faces the

upstream router or internet, and one or more inside interfaces for your organization's networks. By default,

Ethernet1/1 is a regular firewall interface that you can use for outside, and the remaining interfaces are switch

ports on VLAN 1; after you add the VLAN1 interface, you can make it your inside interface. You can

alternatively assign switch ports to other VLANs, or convert switch ports to firewall interfaces.

Cisco Firepower 1010 Getting Started Guide

138

All manuals and user guides at all-guides.com

outside interface.

Configure Interfaces (6.5 and Later), on page

Configure Interfaces (6.4), on page

Configure the DHCP Server, on page

Add the Default Route, on page

Configure NAT, on page

Allow Traffic from Inside to Outside, on page

Configure SSH on the FMC Access Data Interface, on page

Deploy the Configuration, on page

Firepower Threat Defense Deployment with a Remote FMC

103.

107.

110.

111.

113.

115.

118.

116.

Table of Contents

Chapters

Table of Contents

This manual is also suitable for:

Lightstream 1010

Cisco Firepower 1010 Getting Started Manual page 140

Chapters

Related Manuals for Cisco Firepower 1010

Related Products for Cisco Firepower 1010

This manual is also suitable for:

Table of Contents