Secure Firewall 1230/1240/1250 Threat Defense Getting Started: Firewall Device Manager

(Optional) Change management network settings at the CLI

Updated: March 18, 2026

Want to summarize with AI?

Overview

How to change Secure Firewall 1230/1240/1250 Management 1/1 network settings from the CLI when the default addressing does not work, so you can reach the Secure Firewall Device Manager on your network.

By default, you can manage the firewall on either of the following interfaces:

Ethernet 1/2—192.168.95.1/24
Management 1/1—IP address from DHCP

If you can't use the default IP addresses, then you can connect to the console port and perform initial setup at the CLI to set the Management 1/1 IP address to a static address.

Procedure

	1.	Connect to the console port. See Which application is installed: Firewall Threat Defense or ASA?.
	2.	Connect to the Firewall Threat Defense CLI. connect ftd Example: `firepower# connect ftd >`
	3.	Complete the CLI setup script for the Management interface settings. `You must accept the EULA to continue. Press <ENTER> to display the EULA: Cisco General Terms [...] Please enter 'YES' or press <ENTER> to AGREE to the EULA: System initialization in progress. Please stand by. You must configure the network to continue. Configure at least one of IPv4 or IPv6 unless managing via data interfaces. Do you want to configure IPv4? (y/n) [y]: Do you want to configure IPv6? (y/n) [y]: n` Guidance: Enter y for at least one of these types of addresses. `Configure IPv4 via DHCP or manually? (dhcp/manual) [manual]:` Guidance: Choose manual to set a static IP address. `Enter an IPv4 address for the management interface [192.168.45.61]: 10.89.5.17 Enter an IPv4 netmask for the management interface [255.255.255.0]: 255.255.255.192 Enter the IPv4 default gateway for the management interface [data-interfaces]: 10.10.10.1` Guidance: Set an IP address for the gateway. `Enter a fully qualified hostname for this system [firepower]: 1010-3 Enter a comma-separated list of DNS servers or 'none' [208.67.222.222,208.67.220.220,2620:119:35::35]: Enter a comma-separated list of search domains or 'none' []: cisco.com If your networking information has changed, you will need to reconnect. Disabling IPv6 configuration: management0 Setting DNS servers: 208.67.222.222,208.67.220.220,2620:119:35::35 Setting DNS domains:cisco.com` `Setting hostname as 1010-3 Setting static IPv4: 10.89.5.17 netmask: 255.255.255.192 gateway: data on management0 Updating routing tables, please wait... All configurations applied to the system. Took 3 Seconds. Saving a copy of running network configuration to local disk. For HTTP Proxy configuration, run 'configure network http-proxy' Manage the device locally? (yes/no) [yes]: yes >` Guidance: Enter yes to use the Firewall Device Manager.
	4.	Log into the Firewall Device Manager on the new Management IP address.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

(Optional) Change management network settings at the CLI

Overview

Procedure

Example:

Need help?