Manage an FDM-Managed Device from the Inside Interface
This configuration method:
- Assumes that the FDM-managed device has not been on-boarded to Security Cloud Control.
- Configures a data interface as the inside interface.
- Configures the inside interface to receive MGMT traffic (HTTPS).
- Allows the address of the cloud connector to reach the inside interface of the device.
Before you begin
Procedure
Step 1: Log in to the Secure Firewall device manager.
Step 2: In the System Settings menu, click Management Access.
Step 3: Click the Data Interfaces tab and click Create Data Interface.
Step 4: Deploy the change. You can now manage the device using the inside interface.
What to do next
What if you are using a Cloud Connector?
Use the procedure above and add these steps:
- Add a step to "NAT" the outside interface (203.0.113.2) to the inside interface (192.168.1.1). See Interface Addresses.
- In step 3c of the procedure above, your "Allowed Network" is a network group object containing the public IP addresses of the cloud connector.
- Add a step that creates an Access Control rule allowing access to the outside interface (203.0.113.2) from the public IP addresses of the cloud connector. See for a list of all the Cloud Connector IP addresses for the various Security Cloud Control regions.
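The following is an added example, not part of the Cisco procedure: a Python check that the entries used for the "Allowed Network" group (and as the source of the access control rule) admit only the cloud connector's public IP addresses. The connector addresses 198.51.100.10 and 198.51.100.11, the sample group, and the function name are constructed for illustration.

```python
import ipaddress

# Constructed sample: public IPs of the cloud connector for one region.
# Real values come from the Security Cloud Control documentation.
CONNECTOR_IPS = ["198.51.100.10", "198.51.100.11"]


def audit_allowed_networks(entries, connector_ips):
    """Compare an allowed-network group against the connector's public IPs.

    Returns a dict with:
      'unexpected' - entries that admit addresses other than connector IPs
      'missing'    - connector IPs that no entry covers
      'invalid'    - entries that do not parse as an IP address or network
    """
    expected = {ipaddress.ip_address(ip) for ip in connector_ips}
    unexpected, invalid, covered = [], [], set()
    for entry in entries:
        try:
            # strict=False accepts host bits, e.g. "198.51.100.10/24"
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            invalid.append(entry)
            continue
        inside = {ip for ip in expected
                  if ip.version == net.version and ip in net}
        covered |= inside
        # Acceptable only if every address in the entry is a connector IP.
        if net.num_addresses > len(inside):
            unexpected.append(entry)
    missing = sorted(str(ip) for ip in expected - covered)
    return {"unexpected": unexpected, "missing": missing, "invalid": invalid}


if __name__ == "__main__":
    # Constructed sample of what was entered as the "Allowed Network" group.
    sample_group = ["198.51.100.10/32", "198.51.100.0/24",
                    "0.0.0.0/0", "not-an-ip"]
    for key, values in audit_allowed_networks(sample_group,
                                              CONNECTOR_IPS).items():
        print(f"{key}: {values}")
```

An empty `unexpected` list together with an empty `missing` list means management access is limited to exactly the connector addresses.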
Onboard the FDM-Managed Device
The recommended way of onboarding the FDM-managed device to Security Cloud Control is to use the registration token onboarding approach. After you configure the inside interface to allow management access from the Cloud Connector to the FDM-managed device, onboard the FDM-managed device with the user name and password. See Onboard an FDM-Managed Device Using Username, Password, and IP Address for more information. You will connect using the IP address of the inside interface. In our scenario above, that address is 192.168.1.1.