Configure IPv4 Addressing for the Physical Interface

Warning

After you configure and save a DHCP address pool, the DHCP address pool is bound to the interface's configured IP address(es). If you edit the interface's subnet mask after you configure a DHCP address pool, deployments to the FDM-managed device fail. Also, if you edit the DHCP address pool in the FDM-managed console and read the configuration from an FDM-managed device to Security Cloud Control, the read fails.

Procedure


Step 1

In the "Editing Physical Interface" dialog, click the IPv4 Address tab.

Step 2

Select one of the following options from the Type field:

  • Static-Choose this option if you want to assign an address that should not change. ​Enter in the interface's IP address and the subnet mask for the network attached to the interface. For example, if you attach the 10.100.10.0/24 network, you could enter 10.100.10.1/24. Ensure that the address you enter is not the network ID or the broadcast address for the network and the address is not already used on the network.

    • Standby IP Address and Subnet Mask - If you configured high availability, and you are monitoring this interface for HA, also configure a standby IP address on the same subnet. The standby address is used by this interface on the standby device. If you do not set the standby IP address, the active unit cannot monitor the standby interface using network tests; it can only track the link state.

    • (Optional) DHCP Address Pool - Enter a a single DHCP Server IP address, or an IP address range. The range of IP addresses must be on the same subnet as the selected interface and cannot include: the IP address of the interface itself, the broadcast address, or the subnet network address. Specify the start and end address for the pool, separated by a hyphen. To temporarily disable this DHCP server, edit the server in the DHCP Servers section of the Firepower Threat Defense Device Settings page.

  • Dynamic (DHCP)-Choose this option if the address should be obtained from the DHCP server on the network. Change the following options if necessary:

    • Obtain Default Route-Whether to get the default route from the DHCP server. You would normally check this option.

    • DHCP Route Metric-If you obtain the default route from the DHCP server, enter the administrative distance to the learned route, between 1 and 255.

      Note

      If there is a DHCP server configured for the interface, you are shown the configuration. You can edit or delete the DHCP address pool. If you change the interface IP address to a different subnet, you must either delete the DHCP server, or configure an address pool on the new subnet, before you can save the interface changes.

Step 3

Click Save if you are done or continue with one of these procedures: