Home
Support
Product Support
Security
Cisco Secure Firewall Threat Defense
Install and Upgrade Guides

Secure Firewall 6100 Threat Defense Getting Started: Firewall Management Center on a Local Management Network

Releases

Network
Network

View all Saved Content

PDF

Is this helpful?

Helpful Unhelpful

Feedback

Thank you for your feedback. Your response has been recorded.

Ask about this document

Cisco Configuration Guide, Release 4.2

Table of contents

Expand all sections

About this document

Before You Begin

Power on the firewall
Which application is installed: Firewall Threat Defense or ASA?
Access the Firewall Threat Defense CLI
Check the version and reimage
Obtain licenses
(If Needed) Power off the firewall

Cable and Register the Firewall

Cable the firewall
Perform initial configuration
Register the firewall with the Firewall Management Center

Configure a Basic Policy

Configure interfaces
Configure the DHCP server
Add the default route
Configure NAT
Configure an access control rule
Deploy the configuration

Configure a Basic Policy

Updated: March 19, 2026

Overview

Configure a basic security policy to get your Secure Firewall 6100 up and running.

Configure a basic security policy with the following settings:

Inside and outside interfaces—Assign a static IP address to the inside interface, and use DHCP for the outside interface.
DHCP server—Use a DHCP server on the inside interface for clients.
Default route—Add a default route through the outside interface.
NAT—Use interface PAT on the outside interface.
Access control—Allow traffic from inside to outside.

You can also ccustomize your security policy to include more advanced inspections.

Configure interfaces

Learn how to configure Secure Firewall 6100 interfaces, including assigning inside and outside zones and setting IP addressing for routed deployments.

Configure the DHCP server

How to enable the DHCP server on a Secure Firewall 6100 interface so internal clients can automatically receive IP addresses and related network settings.

Add the default route

Learn how to verify or add a default route in Firewall Management Center so the Secure Firewall 6100 can reach upstream networks through the outside interface.

Configure NAT

Learn how to create an interface PAT (NAT) policy so inside clients can access external networks using the outside interface IP address.

Configure an access control rule

How to add an access control rule to allow traffic from the inside zone to the outside zone on Secure Firewall 6100, and apply optional security inspection policies.

Deploy the configuration

How to deploy policy changes to the Secure Firewall 6100 so your interface, NAT, DHCP, and access control updates take effect on the device..

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.