Onboard a Configured FDM-Managed Device using the Device's Serial Number

This procedure is for devices that have already been configured for local management. Because the device setup wizard is completed on an already configured FDM-managed device, the device is unregistered from the cloud, and you can't onboard such devices to CDO using the low-touch provisioning process.

If your device is brand new and has never been managed or configured, you can onboard the device with low-touch provisioning. See Onboard a Secure Firewall Threat Defense Device With Low-Touch Provisioning for more information.

Note

When the device is not connected to the Cisco cloud, the Status LED (Firepower 1000), SYS LED (Firepower 2100), or M LED (Secure Firewall 3100) flashes alternately green and amber.

You may have completed the device setup wizard to perform the following tasks:

  • The device must be running version 6.7 or later.

  • Configure a static IP address on the management interface of the device. If the interfaces cannot obtain the necessary dynamic IP address, or the DHCP server does not provide the gateway route, you need to configure a static IP address.

  • Obtain an address using PPPoE and configure the outside interface.

  • Manage the device running version 6.7 or later using Secure Firewall device manager or Secure Firewall Management Center.

  • You have an active SecureX account. If you do not have a SecureX account, see SecureX and CDO for more information.

  • Your CDO and SecureX account are merged. See Link Your Cisco Defense Orchestrator and SecureX or Cisco XDR Tenant Accounts for more information.

Important

You can switch the manager of a Secure Firewall Threat Defense device from Secure Firewall device manager to Secure Firewall Management Center, or the other way. Perform the steps explained in the Switching Between Local and Remote Management section of the "System Management" chapter of the Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager for the version the device runs.

If you want to onboard devices, perform the following:

Procedure


Step 1

Review the prerequisites for onboarding in Procedure for Onboarding FDM-Managed Device using Device Serial Number.

Step 2

In the Secure Firewall device manager UI, navigate to System Settings > Cloud Services, select the Auto-enroll with Tenancy from Cisco Defense Orchestrator option, and click Register.

Step 3

Log in to CDO.

Step 4

In the navigation pane, click Inventory and click the blue plus button to Onboard a device.

Step 5

Click the FTD tile.

Step 6

On the Onboard FTD Device screen, click Use Serial Number.

Step 7

In the Select FMC step, use the drop-down menu to select an on-prem management center that has already been onboarded to CDO. Click Next.

The on-prem management center must be running version 7.4 or higher. If you do not have an on-prem management center onboarded, click +Onboard On-Prem FMC for the onboarding wizard.

Step 8

In the Connection step, enter the device's serial number and device name. Click Next.

Step 9

If the device is not brand new and has already been configured for management, select Yes, this new device has never been logged into or configured for a manager for the Password Reset. Click Next.

Step 10

For Policy Assignment, use the drop-down menu to select an access control policy to be deployed once the device is onboarded. If you do not have a customized policy, CDO auto-selects the default access control policy. Click Next.

Step 11

Select all licenses you want to apply to the device. Click Next.


CDO changes the device Connectivity status to "Online" and the Configuration status to the "Synced" state. The FDM-managed device is onboarded to CDO. You can see the Status LED (Firepower 1000), SYS LED (Firepower 2100), or M LED flashing green on the rear panel of the hardware. The device LED continues to flash green while it is connected to the Cisco cloud. If the device can't connect to the Cisco cloud or loses its connectivity after being connected, the same status LED flashes alternately green and amber.