This procedure shows how to register with a new Firewall Management Center. You should perform these steps even if the new Firewall Management Center uses the old Firewall Management Center's IP address.
Procedure
Step 1 | On the old Firewall Management Center, if present, delete the managed device.
You cannot change the Firewall Management Center IP address if you have an active connection with the Firewall Management Center.
|
Step 2 | Connect to the device CLI, for example using SSH. |
Step 3 | Configure the new Firewall Management Center.
configure manager add {hostname |
IPv4_address | IPv6_address |
DONTRESOLVE } regkey [nat_id]
[display_name]
-
{hostname | IPv4_address | IPv6_address}—Sets the Firewall Management Center hostname, IPv4 address, or IPv6 address.
-
DONTRESOLVE —If the Firewall Management Center is not directly addressable, use DONTRESOLVE instead of a hostname or IP address. If you use DONTRESOLVE , then a nat_id is required. When you add this device to the Firewall Management Center, make sure that you specify both the device IP address and the nat_id ; one side of the connection needs to specify an IP address, and both sides need to specify the same, unique NAT ID.
-
regkey —Make up a registration key to be
shared between the Firewall Management Center and the device during registration. You can choose any text
string for this key between 1 and 37 characters; you will enter the
same key on the Firewall Management Center when you add the Firewall Threat Defense.
-
nat_id —Make up an alphanumeric string from
1 to 37 characters used only during the registration process between
the Firewall Management Center and the device when one side does not specify an IP address. This
NAT ID is a one-time password used only during registration. Make
sure the NAT ID is unique, and not used by any other devices
awaiting registration. Specify the same NAT ID on the Firewall Management Center when you add the Firewall Threat Defense.
-
display_name —Provide a display name for showing this manager with the show managers command. This option is useful if you are identifying Security Cloud Control as the primary manager and an on-prem Firewall Management Center for analytics only. If you don't specify this argument, the firewall auto-generates a display name using one of the following methods:
Example:
> configure manager add DONTRESOLVE abc123 efg456
Manager successfully configured.
Please make note of reg_key as this will be required while adding Device in FMC.
>
|
Step 4 | Add the device to the Firewall Management Center. |