Cisco Firepower management center 1000 User manual

Cisco Firepower Management Center 1000, 2500,

and 4500 Getting Started Guide

First Published: 2017-02-21

Last Modified: 2020-04-06

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started

Guide

The Firepower Management Center (FMC) 1000, 2500, and 4500 Getting Started Guide explains FMC

installation, login, setup, initial administrative settings, and configuration for your secure network. This

document also describes maintenance activities such as establishing alternative means of FMC access, adding

managed devices to the FMC, FMC factory reset, saving and loading configurations, erasing the hard drive,

and performing an appliance shutdown or restart.

In a typical deployment on a large network, you install multiple managed devices on network segments. Each

device controls, inspects, monitors, and analyzes traffic, and then reports to a managing FMC. The FMC

provides a centralized management console with a web interface that you can use to perform administrative,

management, analysis, and reporting tasks in service to securing your local network.

About the Firepower Management Center Models 1000, 2500, and 4500

The following topics provide information about front and rear panel features that you need to follow the

instructions in this document.

Physical Interfaces

The following figure illustrates the rear panel of the FMC 1000, and identifies ports you need to follow the

instructions in this document. For information on all the rear-panel ports, see the Cisco Firepower Management

Center 1000, 2500, and 4500 Hardware Installation Guide.

Figure 1: FMC 1000 Rear Panel

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Serial console port22 USB keyboard ports

You can connect a keyboard, and along with a

monitor on the VGA port, you can access the

console.

VGA interface

Console message are sent to this port by default.

4eth0 management interface (labeled "1")

Gigabit Ethernet 10/100/1000 Mbps interface,

RJ-45

eth0 is the default management interface.

You can use Lights-Out-Management (LOM) on the default management interface (eth0) on a Serial Over

LAN (SOL) connection to remotely monitor or manage the FMC system. For information about using LOM

and SOL, see Set Up Lights-Out Management, on page 41.

Note

The following figure illustrates the rear panel of the FMC 2500 and 4500, and identifies ports you need to

follow the instructions in this document. For information on all the rear-panel ports, see the Cisco Firepower

Management Center 1000, 2500, and 4500 Hardware Installation Guide.

Figure 2: FMC 2500 and 4500 Rear Panel

Serial console port22 USB keyboard ports

You can connect a keyboard, and along with a

monitor on the VGA port, you can access the

console.

VGA interface

Console message are sent to this port by default.

4eth0 management interface (labeled "1")

Gigabit Ethernet 10/100/1000 Mbps interface,

RJ-45

eth0 is the default management interface.

Front Panel LEDs and their States

The following figure illustrates the front panel of the FMC 1000, 2500, and 4500, identifies the LED lights,

and provides the information you need to determine appliance status based on the LEDs. The FMC 2500 has

four SAS drives, and the FMC 4500 has six SAS drives, each with the same drive fault and drive activity

LEDs as shown in the diagram. For information on all the front-panel features, see the Cisco Firepower

Management Center 1000, 2500, and 4500 Hardware Installation Guide.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Front Panel LEDs and their States

Figure 3: Front Panel LEDs, Buttons, and their States

Drive activity LED

• Off—There is no drive in the drive tray (no

access, no fault).

• Green—The drive is ready.

• Green, flashing—The drive is reading or

writing data.

2Drive fault LED

• Off—The drive is operating properly.

• Amber—Drive fault detected.

• Amber, flashing—The device is rebuilding.

• Amber, flashing in 1-second

intervals—Drive locate function activated.

Unit identification button/LED

• Off—The unit identification function is not

in use.

• Blue—The unit identification function is

activated.

4Power button/power status LED

• OFf—There is no AC power to the chassis.

• Amber—The chassis is in standby power

mode.

• Green—The chassis is in main power mode.

Power is supplied to all components.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Front Panel LEDs and their States

Fan status LED

• Green—All fans are operating properly.

• Amber—One or more fans breached the

critical threshold.

• Amber, flashing—One or more fans

breached the unrecoverable threshold.

6System status LED

• Green—The chassis is running in normal

operating condition.

• Green, flashing—The chassis is performing

system initialization and memory check.

• Amber—The chassis is in a degraded

operational state. For example:

• Power supply redundancy is lost.

• CPUs are mismatched.

• At least one CPU is faulty.

• At least one DIMM is faulty.

• At least one drive in a RAID

configuration failed.

•Amber, flashing—The chassis is in a critical

fault state. For example:

• Boot failed.

• Fatal CPU and/or bus error is detected.

• The chassis is in an over-temperature

condition.

Power supply status LED

• Green—All power supplies are operating

normally.

• Amber—One or more power supplies are in

a degraded operational state.

• Amber, flashing—One or more power

supplies are in a critical fault state.

8Temperature status LED

• Green—The chassis is operating at normal

temperature.

• Amber—One or more temperature sensors

breached the critical threshold.

• Amber, flashing—One or more temperature

sensors breached the unrecoverable

threshold.

Network link activity LED

• Off—The Ethernet link is idle.

• Green—One or more Ethernet ports are

link-active, but there is no activity.

•Green, flashing—One or more Ethernet ports

are link-active with activity.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Front Panel LEDs and their States

Related Documentation

For virtual devices, refer to the documentation for your virtual platform. For VMware in particular, custom

power options are part of VMware Tools.

Tip

Do not shut off the FMC using the power button; this may cause data loss. Using the web interface or shutdown

commands prepares the system to be safely powered off and restarted without losing configuration data.

Caution

Procedure

Step 1 Choose System >Configuration> Process

Step 2 Choose one of the following:

•Shutdown Management Center to initiate a graceful shutdown of the FMC.

•Reboot Management Center to shutdown and restart the FMC gracefully.

•Restart Management Center Console to restart the communications, database, and HTTP server

processes. This is typically used during troubleshooting, and may cause deleted hosts to reappear in the

network map.

Install the FMC for Versions 6.5 and Later

Follow these instructions to install an FMC that will run Firepower Versions 6.5 and later.

Review Network Deployment for Versions 6.5 and Later

To deploy the FMC you need information about the environment within which it will operate. The following

figure shows an example network configuration for a Firepower deployment.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Install the FMC for Versions 6.5 and Later

Figure 4: Example Network Deployment

By default the FMC connects to your local management network through its management interface (eth0).

Through this connection the FMC communicates with a management computer; managed devices; services

such as DHCP, DNS, NTP; and the internet.

The FMC requires internet access to support Smart Licensing, AMP (Advanced Malware Protection) and TID

(Threat Intelligence Director) services. Depending on services provided by your local management network,

the FMC may also require internet access to reach an NTP or DNS server. You can configure your network

to provide internet access to the FMC directly or through a firewall device.

You can upload updates for system software, as well as the Vulnerability Database (VDB), Geolocation

Database (GEoDB), and intrusion rules directly to the FMC from an internet connection or from a local

computer that has previously downloaded these updates from the internet.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Review Network Deployment for Versions 6.5 and Later

To establish the connection between the FMC and one of its managed devices, you need the IP address of at

least one of the devices: the FMC or the managed device. We recommend using both IP addresses if available.

However, you may only know one IP address. For example, managed devices may be using private addresses

behind NAT, so you only know the FMC address. In this case you can specify the FMC address on the managed

device plus a one-time, unique password of your choice called a NAT ID. On the FMC, you specify the same

NAT ID to identify the managed device.

The initial setup and configuration process described in this document assumes the FMC will have internet

access. If you are deploying an FMC in an air-gapped environment, see the Firepower Management Center

Configuration Guide for your version for alternative methods you can use to support certain features such as

configuring a proxy for HTTP communications, or using a Smart Software Satellite Server for Smart Licensing.

In a deployment where the FMC has internet access, you can upload updates for system software, as well as

the Vulnerability Database (VDB), Geolocation Database (GEoDB), and intrusion rules directly to the FMC

from an internet connection. But if the FMC does not have internet access, the FMC can upload these updates

from a local computer that has previously downloaded them from the internet. Additionally, in an air-gapped

deployment you might use the FMC to serve time to devices in your deployment.

Initial Network Configuration for FMCs Using Firepower Versions 6.5+:

• Management Interface

By default the FMC seeks out a local DHCP server for the IP address, network mask, and default gateway

to use for the management interface (eth0). If the FMC cannot reach a DHCP server, it uses the default

IPv4 address 192.168.45.45, netmask 255.255.255.0, and gateway 192.168.45.1. During initial setup

you can accept these defaults or specify different values.

If you choose to use IPv6 addressing for the management interface, you must configure this through the

web interface after completing the initial setup.

• DNS Server(s)

Specify the IP addresses for up to two DNS servers. If you are using an evaluation license you may

choose not to use DNS. (During initial configuration you can also provide a hostname and domain to

faciliate communications between the FMC and other hosts through DNS; you can configure additional

domains after completing intial setup.)

• NTP Server(s)

Synchronizing the system time on your FMC and its managed devices is essential to successful operation

of your Firepower System; setting FMC time synchronization is required during initial configuration.

You can accept the default (0.sourcefire.pool.ntp.org and 1.sourcefire.pool.ntp.org as the primary and

secondary NTP servers, respectively), or supply FQDNs or IP addresses for one or two trusted NTP

servers reachable from your network. (If you are not using DNS you may not use FQDNs to specify NTP

servers.)

End to End Procedure to Install the FMC for Versions 6.5 and Later

See the following tasks to deploy and configure an FMC that will run Firepower Versions 6.5 and later.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

End to End Procedure to Install the FMC for Versions 6.5 and Later

Review Network Deployment for Versions 6.5 and Later, on page 6Pre-Configuration

Connect Cables Turn On Power Verify Status for Versions 6.5 and Later, on

page 9

Pre-Configuration

Use one of the following:

•Perform Initial Setup at the Web Interface for Versions 6.5 and Later, on

page 12

•FMC Initial Setup Using the CLI for Versions 6.5 and Later, on page 15

Firepower

Management Center

Review Automatic Initial Configuration for Versions 6.5 and Later, on page

Firepower

Management Center

Configure FMC Administrative Settings, on page 29Firepower

Management Center

Add Managed Devices to the FMC, on page 38Firepower

Management Center

Connect Cables Turn On Power Verify Status for Versions 6.5 and Later

This procedure references the rear panel ports of the FMC 2500 and 4500. The FMC 1000 is the same except

that it does not have the two 10-G SFP+ ports above the Ethernet ports.

AC power supplies have internal grounding so no additional chassis grounding is required when the supported

AC power cords are used. For more information about supported power cords, see the Cisco Firepower

Management Center 1000, 2500, and 4500 Hardware Installation Guide.

After rack-mounting the chassis, follow these steps to connect cables, turn on power, and verify connectivity.

Use the following figure to identify the rear panel ports.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Connect Cables Turn On Power Verify Status for Versions 6.5 and Later

Figure 5: Cable Connections

(Models 2500 and 4500 only.)

eth3 management interface

10-Gigabit Ethernet SFP+ support

Use only Cisco-supported SFPs.

2(Models 2500 and 4500 only.)

eth2 management interface

10-Gigabit Ethernet SFP+ support

Use only Cisco-supported SFPs.

Serial console port

Use the console cable (RJ45 to DB9) to connect

a computer to the appliance.

4USB keyboard port3

eth1 management interface (labeled "2")

Gigabit Ethernet 10/100/1000 Mbps interface,

RJ-45

6eth0 management interface (labeled "1")

Gigabit Ethernet 10/100/1000 Mbps interface,

RJ-45

eth0 is the default management interface.

VGA port (DE-15 connector)

Console messages are sent to this port by default.

Before you begin

Read the Regulatory and Compliance Safety Information document before installing the FMC chassis.

Important

• Rack-mount the appliance as described in the Cisco Firepower Management Center 1000, 2500, and

4500 Hardware Installation Guide.

Procedure

Step 1 (Optional, applies only to models 2500 and 4500) eth2 management interface —If your model includes

10-Gigabit Ethernet SFP+ interfaces, install any FMC-supported SFP+ transceivers and cables as needed.

You can connect this interface to the same or different network from your other management interfaces

depending on your network needs. For more information about management interfaces and network topology,

see the Firepower Management Center Configuration Guide.

Cisco Firepower Management Center 1000, 2500, and 4500 Getting Started Guide

Connect Cables Turn On Power Verify Status for Versions 6.5 and Later

This manual suits for next models

Other Cisco Gateway manuals

Cisco

Cisco EPC2434 User manual

Cisco

Cisco Small Business Pro SA520 Troubleshooting guide

Cisco

Cisco DDR2201 Series Operating instructions

Cisco

Cisco Expressway Series User manual

Cisco

Cisco ASR 5000 Series Instruction Manual

Cisco

Cisco 3521 Service manual

Cisco

Cisco DPQ2425 User manual

Cisco

Cisco DPC2434 User manual

Cisco

Cisco MERAKI MR66 User manual

Cisco

Cisco VG400 series Manual

Cisco

Cisco DPC User manual

Cisco

Cisco Small Business SPA8800 User manual

Cisco

Cisco Linksys WAG310G User manual

Cisco

Cisco VG420 Instruction Manual

Cisco

Cisco AudioCodes MP-1288 User manual

Cisco

Cisco DPC2434 User manual

Cisco

Cisco Scientific Atlanta Explorer 4250 User manual

Cisco

Cisco Catalyst 8200 Series User manual

Cisco

Cisco Linksys WAG325N User manual

Cisco

Cisco Linksys WAG200G User manual

Cisco

Cisco UPWL6028F User manual

Cisco

Cisco SIEMENS HICOM 330E Installation and operating instructions

Cisco

Cisco DPC3940 User manual

Cisco

Cisco TELEPRESENCE ISDN GATEWAYS 2.0 Reference guide

Popular Gateway manuals by other brands

Telecom FM

Telecom FM onestream gfx Programming guide

UfiSpace

UfiSpace LoRa GPE810U Quick setup guide

Merak

Merak MMk-736F Quick setup guide

Robustel

Robustel R3010 user guide

turck

turck BL20-PG-EN-V3 user manual

IBM

IBM Security Web Gateway Appliance quick start guide

SSS Siedle

SSS Siedle Smart Gateway Commissioning instructions

ADTRAN

ADTRAN 424RG Installation

Chorus

Chorus Hyperfibre XGS-250WX-A user guide

Dragino

Dragino G308 user manual

Data Domain

Data Domain DD690g Installation and setup guide

Raritan

Raritan Laptop Release notes

Haivision

Haivision Torpedo quick start guide

ATCOM

ATCOM AG-268 user manual

LST

LST M500RFE-AS Specification sheet

Vega

Vega VEGA BS-3 user manual

Kinnex

Kinnex Media Gateway quick start guide

2N Telekomunikace

2N Telekomunikace 2N StarGate user manual

Cisco Firepower Management Center 1000 User manual

Popular Gateway manuals by other brands