Figure 66: Add Rule
• Name—Name this rule, for example, inside-to-outside.
• Selected Sources—Select the inside zone from Zones, and click Add Source Zone.
• Selected Destinationsand A pplications—Select the outside zone from Zones, and click Add Destination
Zone.
Leave the other settings as is.
Step 3 Click Apply.
The rule is added to the Rules table.
Step 4 Click Save.
Configure SSH on the Manager Access Data Interface
If you enabled management center access on a data interface, such as outside, you should enable SSH on that
interface using this procedure. This section describes how to enable SSH connections to one or more data
interfaces on the threat defense.
SSH is enabled by default on the Management interface; however, this screen does not affect Management
SSH access.
Note
The Management interface is separate from the other interfaces on the device. It is used to set up and register
the device to the management center. SSH for data interfaces shares the internal and external user list with
SSH for the Management interface. Other settings are configured separately: for data interfaces, enable SSH
and access lists using this screen; SSH traffic for data interfaces uses the regular routing configuration, and
not any static routes configured at setup or at the CLI.
For the Management interface, to configure an SSH access list, see the configure ssh-access-list command
in the Cisco Secure Firewall Threat Defense Command Reference. To configure a static route, see the configure
network static-routes command. By default, you configure the default route through the Management interface
at initial setup.
To use SSH, you do not also need an access rule allowing the host IP address. You only need to configure
SSH access according to this section.
You can SSH only to a reachable interface ; if your SSH host is located on the outside interface, you can only
initiate a management connection directly to the outside interface.
Cisco Firepower 2100 Getting Started Guide
88
Threat Defense Deployment with a Remote Management Center
Configure SSH on the Manager Access Data Interface
To Next Page
Loading...
Need help?
General