Register the firewall with the Firewall Management Center

1.

Log into the Firewall Management Center.

Enter the following URL.

https://fmc_ip_address
Enter your username and password.
Click Log In.

2.

Choose Devices > Device Management.

3.

From the Add drop-down menu, choose Device.

4.

Click Registration Key, click Basic, and then click Next.

5.

Configure the device details and click Next.

Domain—In a multidomain environment, choose the leaf domain.
Device group—In a single domain environment, add the device to a Device group.
Hostname or IP address—Enter the IP address or the hostname of the device you want to add. Leave this field blank if you don't know the device IP address (for example, it's behind NAT).
Display name—Enter a name for the device as you want it to display in the Firewall Management Center. You cannot change this name later.
Registration key—Enter the same registration key from your initial configuration.
Unique NAT ID—Enter the same ID from your initial configuration.
Analytics-only management center—Leave this unchecked.

6.

Configure the initial device configuration.

Access control policy—Choose an initial policy to deploy to the device at registration, or create a new policy. Unless you already have a customized policy you know you need to use, choose Add (), and choose Block all traffic. You can change this later to allow traffic.
Smart licensing—Choose your licenses.
- Is this device physical or virtual?—Choose Physical device
- License type—Check each license type to assign to the device.
You can also apply licenses after you add the device.
Transfer packets—Enable this option so that for each intrusion event, the device transfers the packet to the Firewall Management Center for inspection.

For each intrusion event, the device sends event information and the packet that triggered the event to the Firewall Management Center for inspection. If you disable it, only event information will be sent to the Firewall Management Center; the packet will not be sent.

7.

Click Add device.

It may take up to two minutes for the Firewall Management Center to verify the device’s heartbeat and establish communication. If the registration succeeds, the device is added to the list. If it fails, you will see an error message. If the device fails to register, check the following items:

Ping—Access the device CLI, and ping the Firewall Management Center IP address using the following command:

ping system ip_address

If the ping is not successful, check your network settings using the show network command. If you need to change the device IP address, use the configure network {ipv4 | ipv6} manual command.
Registration key, NAT ID, and Firewall Management Center IP address—Make sure you are using the same registration key, and if used, NAT ID, on both devices. You can set the registration key and NAT ID on the device using the configure manager add command.

For more troubleshooting information, see https://cisco.com/go/fmc-reg-error.

Procedure

Need help?

	1.	Log into the Firewall Management Center. Enter the following URL. https://fmc_ip_address Enter your username and password. Click Log In.
	2.	Choose Devices > Device Management.
	3.	From the Add drop-down menu, choose Device.
	4.	Click Registration Key, click Basic, and then click Next. Figure 1. Device Registration Method
	5.	Configure the device details and click Next. Figure 2. Device Details Domain—In a multidomain environment, choose the leaf domain. Device group—In a single domain environment, add the device to a Device group. Hostname or IP address—Enter the IP address or the hostname of the device you want to add. Leave this field blank if you don't know the device IP address (for example, it's behind NAT). Display name—Enter a name for the device as you want it to display in the Firewall Management Center. You cannot change this name later. Registration key—Enter the same registration key from your initial configuration. Unique NAT ID—Enter the same ID from your initial configuration. Analytics-only management center—Leave this unchecked.
	6.	Configure the initial device configuration. Figure 3. Initial Device Configuration Access control policy—Choose an initial policy to deploy to the device at registration, or create a new policy. Unless you already have a customized policy you know you need to use, choose Add (), and choose Block all traffic. You can change this later to allow traffic. Smart licensing—Choose your licenses. Is this device physical or virtual?—Choose Physical device License type—Check each license type to assign to the device. You can also apply licenses after you add the device. Transfer packets—Enable this option so that for each intrusion event, the device transfers the packet to the Firewall Management Center for inspection. For each intrusion event, the device sends event information and the packet that triggered the event to the Firewall Management Center for inspection. If you disable it, only event information will be sent to the Firewall Management Center; the packet will not be sent.
	7.	Click Add device. It may take up to two minutes for the Firewall Management Center to verify the device’s heartbeat and establish communication. If the registration succeeds, the device is added to the list. If it fails, you will see an error message. If the device fails to register, check the following items: Ping—Access the device CLI, and ping the Firewall Management Center IP address using the following command: ping system ip_address If the ping is not successful, check your network settings using the show network command. If you need to change the device IP address, use the configure network {ipv4 \| ipv6} manual command. Registration key, NAT ID, and Firewall Management Center IP address—Make sure you are using the same registration key, and if used, NAT ID, on both devices. You can set the registration key and NAT ID on the device using the configure manager add command. For more troubleshooting information, see https://cisco.com/go/fmc-reg-error.

Overview

Procedure

Need help?