Cisco Firepower 1010 Basic Configuration

admin • 2022-08-29 19:33 • 好物分享

This post shows a basic configuration step for a HA setup of two Firepower 1010.

Diagram

Port 1 = WAN Port (DHCP Client)

Port 2 -8 = LAN Ports - 192.168.175.x

Port 7-8 = PoE Ports

Mgmt Port = DHCP Client / Manual Assign

Default login: admin / Admin

Configuration Overview


	Pre-Configuration	Install the firewall. See the hardware installation guide.
	Pre-Configuration	Review the Network Deployment.
	Pre-Configuration	Cable the Device (6.5 and Later) Cable the Device (6.4).
	Pre-Configuration	Power On the Firewall.
	CLI	(Optional) Check the Software and Install a New Version
	CLI or Device Manager	Complete the Threat Defense Initial Configuration.
	Management Center	Log Into the Management Center.
	Cisco Commerce Workspace	Obtain Licenses for the Management Center: Buy feature licenses.
	Smart Software Manager	Obtain Licenses for the Management Center: Generate a license token for the management center.
	Management Center	Obtain Licenses for the Management Center: Register the management center with the Smart Licensing server.
	Management Center	Register the Threat Defense with the Management Center
	Management Center	Configure a Basic Security Policy

Basic Configuration

Cable Connections:

Interface configuration

- WAN (0/0)

- LAN (0/1)

- Others (0/2 - 0/6)

- Mgmt Interface

You can put Mgmt interface into a different network, or you can directly hook it up into your local LAN network.That is depending on your network architecture.

Default Route configuration

Vlan configuration

HA Configuration

HA System Requirements

The 2 units in the HA must:

Be the same model
Have the same number and types of interfaces
Be in the same firewall mode (routed or transparent)
Have the same software version
Be in the same domain or group on the FMC
Have the same NTP configuration
Be fully deployed on the FMC with no uncommitted changes
Not have DHCP or PPPoE configuration in any of their interfaces
FTD devices in HA mush have the same license
HA configurations require two smart license entitlements; one for each device in the pair.

https://www.youtube.com/watch?v=HY_rHkaEq30

Cable Connections

Failover link: - 172.16.40.1/30 172.16.40.1.2/30

Stateful link:172.16.50.1/30 172.16.50.2/30

LED light will show which one is active (green) and which one is passive (amber)

Interface configuration:

WAN - Active IP, Passive IP

LAN - Active IP, Passive IP

Videos

References

版权声明：
作者：admin
链接：https://www.techfm.club/p/34566.html
来源：TechFM
文章版权归作者所有，未经允许请勿转载。

THE END

二维码

严肃科普：景区高空项目看到这种安全带快跑

< <上一篇

Cisco Nexus 5000 Switches Basic Configuration

下一篇>>

搜索内容