Skip to main content

 

 

Cisco Defense Orchestrator

Onboard a Configured FTD using the Device's Serial Number

Because the device setup wizard is completed on an already configured FTD device, the device is unregistered from the cloud, and you can't onboard such devices to CDO using the low-touch provisioning process. 

Note: When the device is not connected to the Cisco cloud, you can see the Status LED (FTD 1000 series) or SYS LED (FTD 2100 series) flashing alternate green and amber.

You may have completed the device setup wizard to perform the following tasks: 

  • The device is upgraded to FTD 6.7 or later. Onboarding an FTD to CDO using a serial number requires FTD 6.7 to be installed on the device.
  • Configure a static IP address on the management interface of the device.
    If the interfaces cannot obtain the necessary dynamic IP address, or the DHCP server does not provide the gateway route, you need to configure a static IP address. 
  • Obtain an address using PPPoE and configure the outside interface.
  • Manage the FTD 6.7 or later device using FDM or FMC.

Important: CDO cannot manage FTD being managed by Firepower Management Center (FMC). However, if you still want to manage this device in CDO, switch the FTD device to local management before onboarding the device and later onboard the device. Perform the steps explained in the Switching Between Local and Remote Management section of the "System Management" chapter of the Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager for the version the device runs. 

If you want to onboard such devices, perform the following:

  1. Onboard the device in CDO using the procedure described in the Procedure for Onboarding FTD using Device Serial Number section. Here, you must select Default Password Changed because the device password has been changed.
  2. In the FDM UI, navigate to System Settings > Cloud Services and select the Auto-enroll with Tenancy from Cisco Defense Orchestrator option and click Register

CDO changes the device Connectivity status changes to "Online" and the Configuration status changes to the "Synced" state. The FTD device is onboarded to CDO. You can see the Status LED (FTD 1010) or SYS LED (FTD 2100) flashing green on the rear panel of the hardware. The device LED continues to flash in green when it's connected to Cisco Cloud. If the device can't connect to the Cisco cloud or lose its connectivity after being connected, you can see the Status LED (FTD 1010) or SYS LED (FTD 2100) flashing alternate green and amber.

  • Was this article helpful?