Getting Started. Task Flow. Initial Configuration. Task Flow, on page 1 Initial Configuration, on page 1 Accessing the FXOS CLI, on page 4

Similar documents
Cisco FXOS Firepower Chassis Manager Configuration Guide, 1.1(2)

Cisco FXOS Firepower Chassis Manager Configuration Guide, 2.0(1)

Configuring the Fabric Interconnects

Cisco FXOS CLI Configuration Guide, 2.3(1)

Deploying Cisco UCS Central

Backing Up and Restoring the Configuration

D-Link (Europe) Ltd. 4 th Floor Merit House Edgware Road London HA7 1DP U.K. Tel: Fax:

Getting Started. About the ASA for Firepower How the ASA Works with the Firepower 2100

Installing the Cisco Virtual Network Management Center

UCS IPv6 Management Configuration Example

Installing Cisco StadiumVision Director Software from a DVD

Getting Started. Getting Started with Your Platform Model. Factory Default Configurations CHAPTER

Configuring the JUNOS Software the First Time on a Router with a Single Routing Engine

Configure the Cisco DNA Center Appliance

Getting Started. Access the Console for the Command-Line Interface. Access the Appliance Console

Link Gateway Initial Configuration Manual

To access the Startup Wizard, choose one of the following options: Wizards > Startup Wizard.

Configure the Cisco DNA Center Appliance

Reimage Procedures. Firepower 2100 Series Software Reimage and Disaster Recovery

Logging into the Firepower System

Managing Services Modules

Using the Command Line Interface (CLI)

Deploy the Firepower Management Center Virtual On the AWS Cloud

Initial Configuration for the Switch

Lab Using the CLI to Gather Network Device Information Topology

Configuring the Switch with the CLI-Based Setup Program

Using the Cisco NX-OS Setup Utility

Using the Cisco NX-OS Setup Utility

Configuring the Switch with the CLI-Based Setup Program

Lab - Connect to a Router for the First Time

Installing and Managing the Switch

Bring-up the Router. Boot the Router

Deployment of FireSIGHT Management Center on VMware ESXi

About Chassis Manager

The following topics explain how to get started configuring Firepower Threat Defense. Table 1: Firepower Device Manager Supported Models

Configure the Cisco DNA Center Appliance

EdgeConnect for Amazon Web Services (AWS)

VSB Backup and Recovery

Deploy a Customer Site

Configuring Cisco Mobility Express controller

Setting the Management IP Address

Using the Cisco NCS Command-Line Interface

Overview of the Cisco NCS Command-Line Interface

Firepower extensible Operating System (FXOS) 2.2: Chassis Authentication and Authorization for remote management with ACS using RADIUS

Configuring the Switch with the CLI Setup Program

KeySecure Version 6.1.0

DX 32xx and DX 36xx Quick Start

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

DX Application Acceleration Platform Quick Start

Lab 7 Configuring Basic Router Settings with IOS CLI

Deployment of a new M-Lab site

Logging In and Setting Up

Cisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 4.2

Contents. Introduction

FlexPod Express with VMware vsphere 6.0U2, NetApp E-Series, and Cisco UCS Mini

System Administration

Bring-up the Router. Boot the Router

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Troubleshooting. Contacting Cisco TAC. Checking the Version Number of Cisco Configuration Engine APPENDIXA

OmniVista 3.5 Discovery Help

Configuring Cisco Prime NAM

Getting Started with the VG248

Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.2

Network Configuration Example

Troubleshoot Firmware

Initial Configuration

Persistent Data Transfer Procedure

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Setting the Management IP Address

PT Activity: Configure AAA Authentication on Cisco Routers

DGS-3630-Series Switches

Configuring Cisco UCS Server Pools and Policies

Forescout. Quick Installation Guide. Single Appliance. Version 8.1

Configuring the Management Access List

8.9.2 Lab: Configure an Ethernet NIC to use DHCP in Windows Vista

Installing or Upgrading ANM Virtual Appliance

Getting Started with Your Device Configuration

ForeScout CounterACT. Single CounterACT Appliance. Quick Installation Guide. Version 8.0

Working with Cisco UCS Manager

CCNA 1 Chapter 2 v5.0 Exam Answers %

Cisco Nexus 5648Q. Switch Configuration Guide for Dell EMC SC Series SANs

Installing the Cisco Nexus 1000V Software Using ISO or OVA Files

Cisco Asa 5505 Reset Factory Default Command Line

Cisco ASA for Firepower 2100 Series Getting Started Guide

SOA Software API Gateway Appliance 6.3 Administration Guide

Pexip Infinity and Amazon Web Services Deployment Guide

ECDS MDE 100XVB Installation Guide on ISR G2 UCS-E and VMWare vsphere Hypervisor (ESXi)

Powering On the Cisco VG224 Voice Gateway

Using the Startup Wizard

ilo MP Utilities ilo MP

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Lab Configuring and Verifying Extended ACLs Topology

System Configuration. The following topics explain how to configure system configuration settings on Firepower Management Centers and managed devices:

4. Web-based Switch Configuration

Lab - Examining Telnet and SSH in Wireshark

Lab - Configure Wireless Router in Windows

Administration of Cisco WLC

UCS deployment guide for Nimble Storage

24-Port Gigabit + 4-Port 10G SFP+ Slot. Layer 3 Stackable Managed Switch XGS Quick Installation Guide

Cyclades ACS 5000 Advanced Console Server Appliances Release Notes Version September 24 th 2010

Transcription:

Task Flow, on page 1 Initial Configuration, on page 1 Accessing the FXOS CLI, on page 4 Task Flow The following procedure shows the basic tasks that should be completed when configuring your Firepower 4100/9300 chassis. Procedure Step 1 Configure the Firepower 4100/9300 chassis hardware (see the Cisco Firepower Security Appliance Hardware Installation Guide). Step 2 Complete the initial configuration (see Initial Configuration, on page 1). Step 3 Set the Date and Time (see Setting the Date and Time). Step 4 Configure a DNS server (see Configuring DNS Servers). Step 5 Register your product license (see License Management for the ASA). Step 6 Configure users (see User Management). Step 7 Perform software updates as required (see Image Management). Step 8 Configure additional platform settings (see Platform Settings). Step 9 Configure interfaces (see Interface Management). Step 10 Create logical devices (see Logical Devices). Initial Configuration Before you can use Firepower Chassis Manager or the FXOS CLI to configure and manage your system, you must perform some initial configuration tasks using the FXOS CLI accessed through the console port. The first time that you access the Firepower 4100/9300 chassis using the FXOS CLI, you will encounter a setup wizard that you can use to configure the system. 1

Initial Configuration You can choose to either restore the system configuration from an existing backup file, or manually set up the system by going through the Setup wizard. If you choose to restore the system, the backup file must be reachable from the management network. You must specify only one IPv4 address, gateway, and subnet mask, or only one IPv6 address, gateway, and network prefix for the single management port on the Firepower 4100/9300 chassis. You can configure either an IPv4 or an IPv6 address for the management port IP address. Before you begin 1. Verify the following physical connections on the Firepower 4100/9300 chassis: The console port is physically connected to a computer terminal or console server. The 1 Gbps Ethernet management port is connected to an external hub, switch, or router. For more information, refer to the Cisco Firepower Security Appliance Hardware Installation Guide. 2. Verify that the console port parameters on the computer terminal (or console server) attached to the console port are as follows: 9600 baud 8 data bits No parity 1 stop bit Procedure Step 1 Step 2 Step 3 Connect to the console port. Power on the Firepower 4100/9300 chassis. You will see the power on self-test messages as the Firepower 4100/9300 chassis boots. When the unconfigured system boots, a setup wizard prompts you for the following information required to configure the system: Setup mode (restore from full system backup or initial setup) Strong password enforcement policy (for strong password guidelines, see User Accounts) Admin password System name Management port IPv4 address and subnet mask, or IPv6 address and prefix Default gateway IPv4 or IPv6 address IP block address for SSH access IPv4 or IPv6 block netmask for SSH access IP block address for HTTPS access 2

Initial Configuration IPv4 or IPv6 block netmask for HTTPS access DNS Server IPv4 or IPv6 address Default domain name Step 4 Review the setup summary and enter yes to save and apply the settings, or enter no to go through the Setup wizard again to change some of the settings. If you choose to go through the Setup wizard again, the values you previously entered appear in brackets. To accept previously entered values, press Enter. Example The following example sets up a configuration using IPv4 management addresses: Enter the setup mode; setup newly or restore from backup. (setup/restore)? setup You have chosen to setup a new Fabric interconnect. Continue? (y/n): y Enforce strong password? (y/n) [y]: n Enter the password for "admin": adminpassword%958 Confirm the password for "admin": adminpassword%958 Enter the system name: foo Physical Switch Mgmt0 IP address : 192.168.10.10 Physical Switch Mgmt0 IPv4 netmask: 255.255.255.0 IPv4 address of the default gateway: 192.168.10.1 Do you want to configure IP block for ssh access? (yes/no) [y]: y SSH IPv4 block netmask: 0.0.0.0 Do you want to configure IP block for https access? (yes/no) [y]: y HTTPS IP block address: 0.0.0.0 HTTPS IPv4 block netmask: 0.0.0.0 Configure the DNS Server IP address (yes/no) [n]:y DNS IP address: 20.10.20.10 Configure the default domain name? (yes/no) [n]: y Default domain name: domainname.com Following configurations will be applied: Switch Fabric=A System Name=foo Enforce Strong Password=no Physical Switch Mgmt0 IP Address=192.168.10.10 Physical Switch Mgmt0 IP Netmask=255.255.255.0 Default Gateway=192.168.10.1 IPv6 value=0 SSH Access Configured=yes SSH IP Address=0.0.0.0 SSH IP Netmask=0.0.0.0 HTTPS Access Configured=yes HTTPS IP Address=0.0.0.0 HTTPS IP Netmask=0.0.0.0 DNS Server=20.10.20.10 Domain Name=domainname.com Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes The following example sets up a configuration using IPv6 management addresses: Enter the setup mode; setup newly or restore from backup. (setup/restore)? setup You have chosen to setup a new Fabric interconnect. Continue? (y/n): y Enforce strong password? (y/n) [y]: n Enter the password for "admin": adminpassword%652 Confirm the password for "admin": adminpassword%652 3

Accessing the FXOS CLI Enter the system name: foo Physical Switch Mgmt0 IP address : 2001::107 Physical Switch Mgmt0 IPv6 prefix: 64 IPv6 address of the default gateway: 2001::1 Do you want to configure IP block for ssh access? (yes/no) [y]: y SSH IPv6 block netmask: 0.0.0.0 Do you want to configure IP block for https access? (yes/no) [y]: y HTTPS IP block address: 0.0.0.0 HTTPS IPv6 block netmask: 0.0.0.0 Configure the DNS Server IPv6 address? (yes/no) [n]: y DNS IP address: 2001::101 Configure the DNS Server IP address (yes/no) [n]: Configure the default domain name? (yes/no) [n]: y Default domain name: domainname.com Following configurations will be applied: Switch Fabric=A System Name=foo Enforced Strong Password=no Physical Switch Mgmt0 IPv6 Address=2001::107 Physical Switch Mgmt0 IPv6 Prefix=64 Default Gateway=2001::1 Ipv6 value=1 SSH Access Configured=yes SSH IP Address=0.0.0.0 SSH IP Netmask=0.0.0.0 HTTPS Access Configured=yes HTTPS IP Address=0.0.0.0 HTTPS IP Netmask=0.0.0.0 DNS Server=2001::101 Domain Name=domainname.com Apply and save the configuration (select 'no' if you want to re-enter)? (yes/no): yes Accessing the FXOS CLI You can connect to the FXOS CLI using a terminal plugged into the console port. Verify that the console port parameters on the computer terminal (or console server) attached to the console port are as follows: 9600 baud 8 data bits No parity 1 stop bit You can also connect to the FXOS CLI using SSH and Telnet. The Firepower extensible Operating System supports up to eight simultaneous SSH connections. To connect with SSH, you need to know the hostname or IP address of the Firepower 4100/9300 chassis. Use one of the following syntax examples to log in with SSH, Telnet, or Putty: Note SSH log in is case-sensitive. From a Linux terminal using SSH: ssh ucs-auth-domain\\username@{ucsm-ip-address UCMS-ipv6-address} 4

Accessing the FXOS CLI ssh ucs-example\\jsmith@192.0.20.11 ssh ucs-example\\jsmith@2001::1 ssh -l ucs-auth-domain\\username {UCSM-ip-address UCSM-ipv6-address UCSM-host-name} ssh -l ucs-example\\jsmith 192.0.20.11 ssh -l ucs-example\\jsmith 2001::1 ssh {UCSM-ip-address UCSM-ipv6-address UCSM-host-name} -l ucs-auth-domain\\username ssh 192.0.20.11 -l ucs-example\\jsmith ssh 2001::1 -l ucs-example\\jsmith ssh ucs-auth-domain\\username@{ucsm-ip-address UCSM-ipv6-address} ssh ucs-ldap23\\jsmith@192.0.20.11 ssh ucs-ldap23\\jsmith@2001::1 From a Linux terminal using Telnet: Note Telnet is disabled by default. See Configuring Telnet for instructions on enabling Telnet. telnet ucs-ucsm-host-name ucs-auth-domain\username telnet ucs-qa-10 login: ucs-ldap23\blradmin telnet ucs-{ucsm-ip-address UCSM-ipv6-address}ucs-auth-domain\username telnet 10.106.19.12 2052 ucs-qa-10-a login: ucs-ldap23\blradmin From a Putty client: Login as: ucs-auth-domain\username Login as: ucs-example\jsmith Note If the default authentication is set to local, and the console authentication is set to LDAP, you can log in to the fabric interconnect from a Putty client using ucs-local\admin, where admin is the name of the local account. 5

Accessing the FXOS CLI 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback