Add Interfaces to a Virtual FDM-Managed Device

When you deploy a virtual FDM-managed device, you assign interfaces to the virtual machine. Then, from within an FDM-managed device, you configure those interfaces using the same methods you would use for a hardware device.

However, you cannot add more virtual interfaces to the virtual machine and then have FDM automatically recognize them. If you need more physical-interface equivalents for a virtual FDM-managed device, you basically have to start over. You can either deploy a new virtual machine, or you can use the following procedure.

Caution

Adding interfaces to a virtual machine requires that you completely wipe out the virtual FDM-managedconfiguration. The only part of the configuration that remains intact is the management address and gateway settings.

Before You Begin

Do the following in an FDM-managed device:

  • Examine the virtual FDM-managed device configuration and make notes on settings that you will want to replicate in the new virtual machine.

  • Select Devices > Smart License > View Configuration and disable all feature licenses.

Procedure

Step 1

Power off the virtual FDM-managed device.

Step 2

Using the virtual machine software, add the interfaces to the virtual FDM-managed device. For VMware, virtual appliances use e1000 (1 Gbit/s) interfaces by default. You can also use vmxnet3 or ixgbe (10 Gbit/s) interfaces

Step 3

Power on the virtual FDM-managed device.

Step 4

Open the virtual FDM-managed device console, delete the local manager, then enable the local manager. Deleting the local manager, then enabling it, resets the device configuration and gets the system to recognize the new interfaces. The management interface configuration does not get reset. The following SSH session shows the commands. 

> show managers
Managed locally.
> configure manager delete
If you enabled any feature licenses, you must disable them in Firepower Device Manager before deleting the local manager. Otherwise, those licenses remain assigned to the device in Cisco Smart Software Manager.
Do you want to continue[yes/no] yes
DCHP Server Disabled
> show managers
No managers configured.
> configure manager local
>

Step 5

Open a browser session to an FDM-managed device, complete the device setup wizard, and configure the device. See the "Complete the Initial Configuration" section of the Getting Started chapter of Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version x.x.x, guide for more instructions.