Secure Firewall 3100 Threat Defense Getting Started: Firewall Device Manager

PDF

Complete the initial configuration

Updated: March 18, 2026

Want to summarize with AI?

Log in

Overview

Learn how to complete initial Secure Firewall 3100 setup in Secure Firewall Device Manager so the device has basic outside connectivity and a working inside-to-outside policy.

Use the setup wizard when you first log into the Firewall Device Manager to complete the initial configuration. After you complete the setup wizard, you should have a functioning device with a couple of basic policies in place:

  • inside→outside traffic flow

  • Interface PAT for all traffic to outside.

Procedure

1.

Accept the General Terms and change the admin password.

The Device Setup screen appears.

Figure 1. Device Setup
Device Setup
Note

The exact port configuration depends on your model.
2.

Configure network settings for the outside and management interfaces.

Figure 2. Connect firewall to internet
Connect firewall to internet

  1. Outside Interface—Ethernet 1/1. You cannot select an alternative outside interface during initial device setup.

    Configure IPv4—If you need PPPoE, you can configure it after you complete the wizard.

    Configure IPv6

  2. Management Interface—Sets parameters for the dedicated Management 1/1 interface. If you changed the IP address at the CLI, you will not see these settings because you already configured them.

    DNS Servers—The default is the OpenDNS public DNS servers.

    Firewall Hostname

  3. Click Next.
3.

Configure the system time settings.

Figure 3. Time Setting (NTP)
Connect firewall to internet

  1. Time Zone

  2. NTP Time Server

  3. Click Next.
4.

Configure Smart Licensing.

Connect firewall to internet

  1. Click Register device with Cisco Smart Software Manager.

  2. Click the Cisco Smart Software Manager link.

  3. Click Inventory.

  4. On the General tab, click New Token.

  5. On the Create Registration Token dialog box enter the following settings, and then click Create Token:

    • Description

    • Expire After—Cisco recommends 30 days.

    • Max. Number of Uses

    • Allow export-controlled functionality on the products registered with this token—Enables the export-compliance flag if you are in a country that allows for strong encryption. You must select this option now if you plan to use this functionality. If you enable this functionality later, you will need to re-register your device with a new product key and reload the device. If you do not see this option, your account does not support export-controlled functionality.

    The token is added to your inventory.

  6. Click the arrow icon to the right of the token to open the Token dialog box so you can copy the token ID to your clipboard. Keep this token ready for later in the procedure when you need to register the Firewall Threat Defense.

    Figure 4. View Token
    Figure 5. Copy Token

  7. In the Firewall Device Manager, paste the token into the token field.

  8. Set the other options, and then click Finish
5.

Finish the setup wizard.

Figure 6. What's Next
Connect firewall to internet

  1. Click Standalone Device to use the Firewall Device Manager.

  2. Click Configure Interfaces to go directly to the Interfaces page, Configure Policy to go to the Policies page, or Got It to go to the Device page.

    For interfaces or policy configuration, see Configure the network settings and policy.
6.

Enable feature licenses.

  1. From the Device page, click Smart License > > View Configuration.

  2. Click the Enable/Disable control for each optional license.

  3. Choose Resync Connection from the gear drop-down list to synchronize license information with Cisco Smart Software Manager.