Configure a Physical Firepower Interface

At a minimum, you must enable a physical interface to use it. You would also typically name it and configure IP addressing; however, you would not configure IP addressing if you intend to create VLAN subinterfaces, if you are configuring a passive mode interface, or if you intend to add the interface to a bridge group.

Note	You cannot configure IP addresses on bridge group member interfaces or passive interfaces, although you can modify advanced settings, that are not related to IPv6 addressing.

You can disable an interface to temporarily prevent transmission on the connected network. You do not need to remove the interface's configuration. At this time, Cisco Defense Orchestrator (CDO) can only configure routed interfaces and bridge groups. CDO lists passive interfaces but you cannot reconfigure them as active interfaces from CDO.

Note	Note: CDO does not support Point-to-Point Protocol over Ethernet (PPPoE) configurations for IPv4. Configuring this option in an FDM-managed devicemay cause isses in the CDO UI; if you must configure PPPoE for your device, you must make the appropriate changes in an FDM-managed device.