In this post, I will explain how to perform the initial configuration of Firepower Threat Defense (FTD) and how to register the FTD with Firepower Management Center (FMC).
1. Power on the FTD and connect to it with a console cable.
2. Log in with the username admin and the password Admin123. When we use the console, we land in the FXOS CLI.
3. After that, the FTD asks us to change the password; this is also the password we will use to log in over SSH.
4. After that, enter the FTD console with the command
#connect ftd
5. After that, we are presented with the following prompt:
You must accept the EULA to continue.
Press <ENTER> to display the EULA:
End User License Agreement
[...]
Please enter 'YES' or press <ENTER> to AGREE to the EULA:
Press Enter to accept the EULA (End User License Agreement).
6. After that, the initial configuration guide appears; fill it in according to the IP address design we have already decided on.
System initialization in progress. Please stand by.
You must change the password for 'admin' to continue.
Enter new password: ********
Confirm new password: ********
You must configure the network to continue.
You must configure at least one of IPv4 or IPv6.
Do you want to configure IPv4? (y/n) [y]:
Do you want to configure IPv6? (y/n) [n]:
Configure IPv4 via DHCP or manually? (dhcp/manual) [manual]:
Enter an IPv4 address for the management interface [192.168.45.45]: 192.168.10.41
Enter an IPv4 netmask for the management interface [255.255.255.0]: 255.255.255.0
Enter the IPv4 default gateway for the management interface [data-interfaces]: 192.168.10.1
Enter a fully qualified hostname for this system [firepower]: ftd-1.cisco.com
Enter a comma-separated list of DNS servers or 'none' [208.67.222.222,208.67.220.220]:
Enter a comma-separated list of search domains or 'none' []:
If your networking information has changed, you will need to reconnect.
For HTTP Proxy configuration, run 'configure network http-proxy'

Manage the device locally? (yes/no) [yes]: no
Configure firewall mode? (routed/transparent) [routed]:
Configuring firewall mode ...

Update policy deployment information
    - add device configuration
    - add network discovery
    - add system policy

You can register the sensor to a Firepower Management Center and use the
Firepower Management Center to manage it. Note that registering the sensor
to a Firepower Management Center disables on-sensor Firepower Services
management capabilities.

When registering the sensor to a Firepower Management Center, a unique
alphanumeric registration key is always required. In most cases, to register
a sensor to a Firepower Management Center, you must provide the hostname or
the IP address along with the registration key.
'configure manager add [hostname | ip address ] [registration key ]'

However, if the sensor and the Firepower Management Center are separated by a
NAT device, you must enter a unique NAT ID, along with the unique registration
key.
'configure manager add DONTRESOLVE [registration key ] [ NAT ID ]'

Later, using the web interface on the Firepower Management Center, you must
use the same registration key and, if necessary, the same NAT ID when you add
this sensor to the Firepower Management Center.
>

Note:
* Manage the device locally? Type no, because we will use the FMC as the GUI. Type yes if you want to use Firepower Device Manager.
* Configure firewall mode? Cisco recommends setting the firewall mode during the initial configuration. Changing the firewall mode after the initial configuration erases the running configuration.
7. At this stage, the initial configuration is complete. Now we will register the FTD with the FMC using the following command
Note:
* If the FMC is behind a NAT device, enter a unique NAT ID along with the registration key, and specify DONTRESOLVE in place of the hostname:
Example:
> configure manager add DONTRESOLVE Cisco1234 natid90
Manager successfully configured.
* If the FTD is behind a NAT device, enter a unique NAT ID along with the FMC IP address or hostname:
Example:
> configure manager add 192.168.10.40 Cisco1234 natid56
Manager successfully configured.
8. After that, log in to the FMC GUI; on the menu bar choose Devices > Device Management, then click Add > Add Device.
9. Fill in the FTD IP address, Display Name, and Registration Key (the same key we set on the FTD earlier), then choose the ACP (access control policy) and the Smart Licensing options.
After that, click the Register button.
If it succeeds, the device has been added to the FMC and is ready to use.
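
The registration key and NAT ID from step 7 are typed on both the FTD and the FMC, so it helps to generate them randomly instead of reusing sample values such as Cisco1234. The following Python helper is an added example, not part of the original post or of Cisco's tooling; it builds the configure manager add line for the cases in step 7. The function names are hypothetical, and the 37-character limit with the A-Z, a-z, 0-9 and hyphen character set is an assumption taken from Cisco's FTD documentation.

```python
import ipaddress
import re
import secrets
import string

# Assumption (Cisco FTD documentation, not this page): registration key and
# NAT ID are 1-37 characters drawn from A-Z, a-z, 0-9 and '-'.
TOKEN_RE = re.compile(r"[A-Za-z0-9-]{1,37}")
HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")
ALPHABET = string.ascii_letters + string.digits

def new_token(length=32):
    """Random one-time registration key or NAT ID from the OS CSPRNG."""
    if not 1 <= length <= 37:
        raise ValueError("length must be between 1 and 37")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def check_token(name, value):
    """Reject values the FTD CLI would misparse (spaces, quotes, too long)."""
    if not TOKEN_RE.fullmatch(value):
        raise ValueError(f"{name}: need 1-37 chars of A-Z, a-z, 0-9 or '-'")

def manager_add_command(reg_key, fmc_host=None, nat_id=None):
    """Build the FTD CLI line for the registration cases in step 7.
    fmc_host=None means the FMC sits behind NAT, so DONTRESOLVE replaces the
    hostname and a NAT ID is mandatory. Pass nat_id together with fmc_host
    when the FTD is the side behind NAT.
    """
    check_token("registration key", reg_key)
    if nat_id is not None:
        check_token("NAT ID", nat_id)
    if fmc_host is None:
        if nat_id is None:
            raise ValueError("DONTRESOLVE requires a NAT ID")
        target = "DONTRESOLVE"
    else:
        try:
            target = str(ipaddress.ip_address(fmc_host))
        except ValueError:
            if not HOST_RE.fullmatch(fmc_host):
                raise ValueError(f"bad FMC hostname or address: {fmc_host!r}")
            target = fmc_host
    parts = ["configure manager add", target, reg_key]
    return " ".join(parts + ([nat_id] if nat_id else []))

if __name__ == "__main__":
    key, nat = new_token(), new_token(16)  # constructed values, not from the page
    print(manager_add_command(key, "192.168.10.40"))   # FMC directly reachable
    print(manager_add_command(key, nat_id=nat))        # FMC behind NAT
```

The same key (and NAT ID, if used) is then entered in the Add Device dialog in step 9.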
Source:
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/firepower-2100-gsg/ftd-fmc.html
https://integratingit.wordpress.com/2018/10/20/ftd-registration-with-fmc/

