Default Configuration
The configuration for the Firepower device after initial setup includes the following:
• inside—Ethernet 1/2, IP address 192.168.1.1
• outside—Ethernet 1/1, IP address from DHCP or an address you specify during setup
• inside→outside traffic flow
• management—Management 1/1 (management)
    • (6.6 and later) IP address from DHCP
    • (6.5 and earlier) IP address 192.168.45.45
    Note: The Management 1/1 interface is a special interface separate from data interfaces that is used for management, Smart Licensing, and database updates. The physical interface is shared with a second logical interface, the Diagnostic interface. Diagnostic is a data interface, but is limited to other types of management traffic (to-the-device and from-the-device), such as syslog or SNMP. The Diagnostic interface is not typically used. See the FDM configuration guide for more information.
• DNS server for management—OpenDNS: 208.67.222.222, 208.67.220.220, or servers you specify during setup. DNS servers obtained from DHCP are never used.
• NTP—Cisco NTP servers: 0.sourcefire.pool.ntp.org, 1.sourcefire.pool.ntp.org, 2.sourcefire.pool.ntp.org, or servers you specify during setup
• Default routes
    • Data interfaces—Obtained from outside DHCP, or a gateway IP address you specify during setup
    • Management interface—(6.6 and later) Obtained from management DHCP. If you do not receive a gateway, then the default route is over the backplane and through the data interfaces. (6.5 and earlier) Over the backplane and through the data interfaces
    Note that the FTD requires internet access for licensing and updates.
• DHCP server—Enabled on the inside interface and (6.5 and earlier only) management interface
• FDM access—Management and inside hosts allowed
• NAT—Interface PAT for all traffic from inside to outside
Cisco Firepower 2100 Getting Started Guide
Firepower Threat Defense Deployment with CDO