| |

Device Registration – Cisco Licensing and Registration

Device Registration

After your management center is registered with the Cisco smart licensing system or enabled with Evaluation Mode, you are ready to register your threat defense devices with the management center. To complete registration, you need to have access to the CLI of the threat defense and to the GUI of the management center.

Best Practices for Registration

When you register a threat defense with a management center, there are a few points to keep in mind:

You must begin the registration process from your threat defense. At first, you enter the management center information on the threat defense CLI, and then you provide the threat defense detail in the management center GUI.

Instead of using the hostname or fully qualified domain name (FQDN), use the IP address directly. It assures that a failure of the registration process is not due to a DNS failure.

If an intermediate device translates the management IP addresses of your management center and threat defense, use a unique NAT ID during their registration process.

Configurations on Threat Defense

After system initialization is complete and the management network is set up, you should be able to connect to the threat defense CLI through the Secure Shell (SSH) or console terminal. Upon a successful login to the threat defense CLI, you will see the default CLI prompt: >.

Example 3-1 confirms that the threat defense is currently not registered with a remote management center or enabled with the local device manager service.

Example 3-1 Output of the show managers Command

Click here to view code image

>
show managers

No managers configured.
>

To add a management center to a threat defense, run the configure manager add command along with the management IP address of the management center. You also have to provide a one-time registration key that is used only during the registration process. A unique NAT ID is necessary if an intermediate networking device translates the IP addresses of the management interfaces. The command syntax is as follows:

Click here to view code image


>
configure manager add
 IP_Address_of_management_center
Registration_Key NAT_ID

Example 3-2 demonstrates the successful addition of a management center using its management IP address 10.1.1.2. The configuration uses RegKey as the one-time temporary registration key and NatId as a NAT ID. Although the use of a NAT ID is optional, you should use it if you are unsure about any possible translation of IP addresses by an intermediate device.

Example 3-2 Adding a Management Center to a Threat Defense

Click here to view code image

>
configure manager add 10.1.1.2 RegKey NatId

 Manager successfully configured.    

Please make note of reg_key as this will be required while adding Device in FMC.
>

After you complete the configuration on the threat defense, the next step is to add the threat defense on the management center. Before going to the next step, though, check the current status of the registration.

Example 3-3 shows the pending registration status after you add the management center to threat defense. The registration status changes to completed after you perform the next step successfully.

Example 3-3 Pending Registration Status Appears After Entering the Management Center Detail in Threat Defense

Click here to view code image

>
show managers

Host                      : 10.1.1.2
Registration Key          : ****
Registration              :
pending

RPC Status                :
>

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *