When you reimage or purchase a new FireSIGHT Management Center, you need to register it with a device that will be inspecting traffic. You can register a FireSIGHT Management Center with FirePOWER appliances, NGIPS Virtual appliances, ASA running FirePOWER services, etc. This article describes how to register a device with a FireSIGHT Management Center.
Step 1: Add a FireSIGHT Management Center to Your Managed Device
Using the Web User Interface of FirePOWER Appliance
1. Navigate to System > Local > Registration.
2. Click on the Add Manager button at the top right of the screen.
3. In the Management Host field, enter the IP address or the hostname of the Management Center that is going to manage the device. Enter a unique alphanumeric Registration Key you want to use to register this device.
4. After filling out the information, click Save.
Using the Command Line Interface (CLI)
1. Connect to the CLI of the device that you want register with FireSIGHT Management Center.
2. Log in with the username admin or another username that has the CLI configuration (Administrator) access level.
3. At the prompt, register the device to a FireSIGHT Management Center using the configure manager add command.
The command has the following syntax:
> configure manager add <hostname | IPv4_address | IPv6_address | DONTRESOLVE>
In the above syntax,
- <hostname | IPv4_address | IPv6_address | DONTRESOLVE> specifies either the fully qualified host name or IP address of the FireSIGHT Management Center. If the FireSIGHT Management Center is not directly addressable, use DONTRESOLVE.
- reg_key is an unique alphanumeric registration key required to register a device to the FireSIGHT Management Center.
- nat_id is an optional alphanumeric string used during the registration process between the FireSIGHT Management Center and the device. It is required if the hostname is set to DONTRESOLVE.
In most cases, you must provide the FireSIGHT Management Center's hostname or the IP address along with the registration key, for example:
> configure manager add DC_IP_Address my_reg_key
However, if the device and the FireSIGHT Management Center are separated by a NAT device, enter a unique NAT ID along with the registration key, and specify DONTRESOLVE instead of the hostname, for example:
configure manager add DONTRESOLVE my_reg_key my_nat_id
In the following example, there is no NAT boundary between the FireSIGHT Management Center and the managed device, and 123456 is used as a registration key.
> configure manager add 192.0.2.2 123456
Manager successfully configured.
Step 2: Add a Device to the FireSIGHT Management Center
1. Log into the web user interface of the Management Center. Click the Devices tab at the top of the page.
2. Click Add which is located at the top right. A drop down list appears. Click Add Device. A window pops up in the middle of the screen requesting the device informaiton.
3. In the Host field, enter the IP address of the device.
4. In the Registration Key field, enter the one-time registration key that you specified earlier.
5. Set the rest of the options to your preference. If you used a NAT ID, click on Advanced to expand it and enter the same NAT ID in the Unique NAT ID field.
6. Click Register. You should now be able to manage your device from the FireSIGHT Management Center.