This procedure shows how to register with a new Cloud-Delivered Firewall Management Center. You should perform these steps even if the new Cloud-Delivered Firewall Management Center uses the old Cloud-Delivered Firewall Management Center's IP address.
Procedure
Step 1 | On the old Cloud-Delivered Firewall Management Center, if present, delete the managed device. You cannot change the Cloud-Delivered Firewall Management Center IP address if you have an active connection with the Cloud-Delivered Firewall Management Center. |
Step 2 | Connect to the device CLI, for example using SSH. |
Step 3 | Configure the new Cloud-Delivered Firewall Management Center.
configure manager add {hostname | IPv4_address | IPv6_address | DONTRESOLVE} regkey [nat_id] [display_name]
- {hostname | IPv4_address | IPv6_address}—Sets the Cloud-Delivered Firewall Management Center hostname, IPv4 address, or IPv6 address.
- DONTRESOLVE—If the Cloud-Delivered Firewall Management Center is not directly addressable, use DONTRESOLVE instead of a hostname or IP address. If you use DONTRESOLVE, then a nat_id is required. When you add this device to the Cloud-Delivered Firewall Management Center, make sure that you specify both the device IP address and the nat_id; one side of the connection needs to specify an IP address, and both sides need to specify the same, unique NAT ID.
- regkey—Make up a registration key to be shared between the Cloud-Delivered Firewall Management Center and the device during registration. You can choose any text string for this key between 1 and 37 characters; you will enter the same key on the Cloud-Delivered Firewall Management Center when you add the Firewall Threat Defense.
- nat_id—Make up an alphanumeric string from 1 to 37 characters used only during the registration process between the Cloud-Delivered Firewall Management Center and the device when one side does not specify an IP address. This NAT ID is a one-time password used only during registration. Make sure the NAT ID is unique, and not used by any other devices awaiting registration. Specify the same NAT ID on the Cloud-Delivered Firewall Management Center when you add the Firewall Threat Defense.
- display_name—Provide a display name for showing this manager with the show managers command. This option is useful if you are identifying Security Cloud Control as the primary manager and an on-prem Cloud-Delivered Firewall Management Center for analytics only. If you don't specify this argument, the firewall auto-generates a display name using one of the following methods:
Example:
> configure manager add DONTRESOLVE abc123 efg456
Manager successfully configured.
Please make note of reg_key as this will be required while adding Device in FMC.
>
|
Step 4 | Add the device to the Cloud-Delivered Firewall Management Center. |
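The registration key and NAT ID in Step 3 act as shared secrets during registration, so this added example (not Cisco's code) generates them from a CSPRNG instead of making them up by hand, and checks the Step 3 constraints before emitting the command line. The function names, the `pending_nat_ids` inventory and the whitespace check on the key are assumptions of this example.

```python
import secrets
import string

ALNUM = string.ascii_letters + string.digits
MAX_LEN = 37  # upper bound the procedure gives for both regkey and nat_id


def new_token(length=MAX_LEN):
    """Return a random alphanumeric token drawn from the OS CSPRNG."""
    if not 1 <= length <= MAX_LEN:
        raise ValueError("length must be between 1 and 37")
    return "".join(secrets.choice(ALNUM) for _ in range(length))


def build_manager_add(manager, regkey, nat_id=None, pending_nat_ids=()):
    """Check the Step 3 rules and return the 'configure manager add' line.

    manager: hostname, IPv4/IPv6 address, or the literal DONTRESOLVE.
    pending_nat_ids: NAT IDs already handed to devices awaiting registration
    (hypothetical operator-kept inventory, not something the CLI provides).
    """
    if not 1 <= len(regkey) <= MAX_LEN:
        raise ValueError("regkey must be 1 to 37 characters")
    if any(ch.isspace() for ch in regkey):
        # Assumption: the key is passed as one positional CLI argument.
        raise ValueError("regkey must not contain whitespace")
    if manager == "DONTRESOLVE" and nat_id is None:
        raise ValueError("DONTRESOLVE requires a nat_id")
    parts = ["configure", "manager", "add", manager, regkey]
    if nat_id is not None:
        if not (1 <= len(nat_id) <= MAX_LEN and nat_id.isascii() and nat_id.isalnum()):
            raise ValueError("nat_id must be 1 to 37 alphanumeric characters")
        if nat_id in pending_nat_ids:
            raise ValueError("nat_id is already assigned to a pending device")
        parts.append(nat_id)
    return " ".join(parts)


if __name__ == "__main__":
    issued = {"efg456"}          # constructed sample inventory
    nat_id = new_token()
    while nat_id in issued:      # regenerate on the (unlikely) collision
        nat_id = new_token()
    print(build_manager_add("DONTRESOLVE", new_token(), nat_id, issued))
```

Enter the same generated key and NAT ID on the manager side in Step 4, and retire the NAT ID from the pending inventory once registration completes.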