Prerequisites

  • To allow the cluster to auto-register with the Management Center, create a user with Network Admin & Maintenance User privileges on the Management Center. Users with these privileges can use the REST API. See the Cisco Secure Firewall Management Center Administration Guide.

  • Add an access policy in the Management Center that matches the name of the policy that you will specify during template deployment.

  • Ensure that the Management Center Virtual is licensed appropriately.

  • After the cluster is added to the Management Center Virtual:

    1. Configure platform settings with the health check port number in the Management Center. For more information on configuring this, see Platform Settings.

    2. Create static routes for traffic from the outside and inside interfaces. For more information on creating a static route, see Add a Static Route.

      Sample static route configuration for the outside interface:
      
      Network: any-ipv4
      Interface: outside
      Leaked from Virtual Router: Global
      Gateway: ftdv-cluster-outside
      Tunneled: false
      Metric: 10
      Note: ftdv-cluster-outside is the outside subnet's gateway IP address.

      Sample static route configuration for the inside interface:

      Network: any-ipv4
      Interface: inside
      Leaked from Virtual Router: Global
      Gateway: ftdv-cluster-inside-gw
      Tunneled: false
      Metric: 11
      Note: ftdv-cluster-inside-gw is the inside subnet's gateway IP address.

    3. Configure a NAT rule for data traffic. For more information on configuring NAT rules, see Network Address Translation.