Home
Support
Product Support
Security
Cisco Secure Firewall 1200 Series
Install and Upgrade Guides

Secure Firewall 1210/20 Threat Defense Getting Started: Firewall Management Center at a Central Headquarters

View all Saved Content

PDF

Is this helpful?

Helpful Unhelpful

Feedback

Thank you for your feedback. Your response has been recorded.

Ask about this document

Cisco Configuration Guide, Release 4.2

Table of contents

Expand all sections

About this document

Before You Begin

Power on the firewall
Which application is installed: Firewall Threat Defense or ASA?
Access the Firewall Threat Defense CLI
Check the version and reimage
Obtain licenses
(If Needed) Power off the firewall

Cable and Register the Firewall

Cable the firewall
Perform initial configuration (manual provisioning only)
Register the firewall with the Firewall Management Center

Configure a Basic Policy

Configure interfaces
Configure the DHCP server
Configure NAT
Configure an access control rule
Enable SSH on the outside interface
Deploy the configuration

Configure a Basic Policy

Updated: February 5, 2026

Overview

Configure a basic security policy to get your firewall up and running.

Configure a basic security policy with the following settings:

Inside and outside interfaces—Assign a static IP address to the inside interface, and use DHCP for the outside interface.
DHCP server—Use a DHCP server on the inside interface for clients.
Default route—Add a default route through the outside interface.
NAT—Use interface PAT on the outside interface.
Access control—Allow traffic from inside to outside.

You can also ccustomize your security policy to include more advanced inspections.

Configure interfaces

Enable physical interfaces and configure interface IP addresses.

Configure the DHCP server

Enable the DHCP server if you want clients to use DHCP to obtain IP addresses from the firewall.

Configure NAT

Configure Port Address Translation (PAT) for inside clients.

Configure an access control rule

Add rules to the policy to allow traffic through the firewall.

Enable SSH on the outside interface

Enable SSH connections to the outside interface so you can manage the firewall remotely.

Deploy the configuration

Deploy the configuration changes to the device; none of your changes are active on the device until you deploy them.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.