Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
To establish the connection between the FMC and one of its managed devices, you need the IP address of at
least one of the devices: the FMC or the managed device. We recommend using both IP addresses if available.
However, you may only know one IP address. For example, managed devices may be using private addresses
behind NAT, so you only know the FMC address. In this case you can specify the FMC address on the managed
device plus a one-time, unique password of your choice called a NAT ID. On the FMC, you specify the same
NAT ID to identify the managed device.
The initial setup and configuration process described in this document assumes the FMC will have internet
access. If you are deploying an FMC in an air-gapped environment, see the
Configuration Guide
configuring a proxy for HTTP communications, or using a Smart Software Satellite Server for Smart Licensing.
In a deployment where the FMC has internet access, you can upload updates for system software, as well as
the Vulnerability Database (VDB), Geolocation Database (GEoDB), and intrusion rules directly to the FMC
from an internet connection. But if the FMC does not have internet access, the FMC can upload these updates
from a local computer that has previously downloaded them from the internet. Additionally, in an air-gapped
deployment you might use the FMC to serve time to devices in your deployment.
Initial Network Configuration for FMCs Using Firepower Versions 6.3 - 6.4 :
• Management Interface
• DNS Server(s)
• NTP Server(s)
End to End Procedure to Install an FMC to Run Software Versions 6.3 - 6.4
See the following tasks to deploy and configure an FMC that will run Firepower Versions 6.3 - 6.4.
for your version for alternative methods you can use to support certain features such as
The FMC management interface (eth0) uses the default IPv4 address 192.168.45.45, netmask
255.255.255.0, and gateway 192.168.45.1. During initial setup you can accept these defaults or specify
different values.
If you choose to use IPv6 addressing for the management interface, you have the option of using router
autoconfiguration, or you must provide the IPv6 address, prefix length, and gateway. If your network
uses DNS, during initial configuration you can provide a hostname to identify the FMC.
If your network uses DNS you can specify the IP addresses for up to three DNS servers during initial
configuration. If you are using an evaluation license you may choose not to use DNS. (During initial
configuration you can also provide a hostname and domain to faciliate communications between the
FMC and other hosts through DNS; you can configure additional domains after completing intial setup.)
Synchronizing the system time on your FMC and its managed devices is essential to successful operation
of your Firepower System. Configuring time synchronization is not required on initial setup, but we
recommend that you configure your FMC to use trusted NTP servers. During initial setup you will need
the host names or IP addresses of those NTP servers.
Cisco Firepower Management Center 1600, 2600, and 4600 Getting Started Guide
End to End Procedure to Install an FMC to Run Software Versions 6.3 - 6.4
Firepower Management Center
21