FirePower FTD加入FMC設定

*FTD加入FMC需要使用MGMT埠

*FMC及FTD都需啟用NTP功能,否則會加入失敗

ssh或console進入FTD cli

>configure manager add 192.168.0.221 cisco

後面的cisco是驗證keys

Manager successfully configured.

Please make note of reg_key as this will be required while adding Device in FMC.

//加入前需要把防毒,IPS,檔案管理功能在smart license裡disable並Delpoy

> show managers //查看FMC設定狀態

Host : 192.168.0.221

Registration Key : ****

Registration : pending

RPC Status :

Type : Manager

Host : 192.168.0.221

Registration : Pending

下一步登入FMC新增設備

FMC

Analysis
CISCO
Firepower Management Center
Devices / Device Management
Overview
Normal (O)
Policies
Devices
Objects
AMP
Licenses
Intelligence
View By :
Group
All (1) • Error (0)
Collapse All
Name
v Ungrouped (1)
Warning (O)
Offline (1)
Deployment Pending (1)
Deploy
Search Device
admin
Add
Model
Versi...
Chassis
Access Control Policy
Device
High Availability
Stack
Group

Add Device
Host: t
192.168.1.1
Display Name:
Registration
Group:
None
Access Control Policy:*
Smart Licensing
Malware
e Threat
URL Filtering
Advanced
Unique NAT ID:t
e Transfer Packets
Register

All (1) • Error (0)
Warning (o)
Offline (0)
Model
Normal (1)
Deployment Pending (O)
Search Device
Access Control Policy
Add
)ollapse All
Name
v Ungrouped (1)
Fp—lOlO
1 92.1 68.0.220
Versi...
6.6.1
Chassis
N/A
- Routed
FTD on Firepower
1010
Licenses
Base, Threat (2
more...

回到FTD

> show managers

Type                      : Manager

Host                      : 192.168.0.221

Registration              : Completed

//控管完成

離開FMC回到本地管理

> configure manager delete

If you enabled any feature licenses, you must disable them in Firepower Device Manager before deleting the local manager. Otherwise, those licenses remain assigned to the device in Cisco Smart Software Manager.

Do you want to continue[yes/no] yes

DCHP Server Disabled

//離開FMC前需要把防毒,IPS,檔案管理功能在FMC>smart license>edit License裡刪除設備並Delpoy

> show managers

No managers configured.

> configure manager local

XPP的網路設備設定紀錄

搜尋此網誌

FirePower FTD加入FMC設定

留言

張貼留言