Looking how to initialize your first FMC? In this post, I’m going to explain step by step how to go about your Cisco FMC Initial Setup.
In this example, we’re going to initialize an FMC 1600.
Here’s the list of steps:
Give the CIMC an IP address
Connect your laptop to the console port of the FMC. See #7 below. The FMC 1600’s console port is very likely to be set up with a default baud rate of 115200.
Connect #6 to a VLAN with DHCP.
Turn the FMC on. On the terminal window, you’ll see the IP address that the FMC picked up. Wait a few minutes until the FMC boots up completely. For the purposes of this post, the IP address that my FMC picked up is 192.168.100.15.
HTTPS into the CIMC
Your computer should obviously wired to the same VLAN where the FMC’s CIMC is connected to. Once you HTTPS into the FMC, use the FMC’s default username and password:
- Username: admin
- Password: Admin123
QUICK NOTE: If your browser gives you trouble establishing an HTTPS session with the CIMC, use Firefox.
Once you’ve logged in, click on the top left corner; click on Admin; and then click on Networking under the Admin drop down.
Configure a static IP address by unchecking Use DHCP and typing the static IP assigned to the FMC. In this case, the IP address configured is 192.168.100.15 with a mask of 255.255.255.0 and a default gateway of 192.168.100.1. You can also disable IPv6, if you’re not using it, by unchecking Enable IPv6. Click on Save Changes.
QUICK NOTE: On the image above, you’ll see that the IP address on the URL is 192.168.100.15, and that’s the IP address received from the DHCP server. The same IP address is being assigned statically. That IP address should be excluded from the DHCP range to avoid conflicts.
After you click on Save Changes, you might lose connectivity. Just HTTPS back into the CIMC again.
So far, we’ve only configured access to the FMC’s CIMC interface. Now, let’s configure the FMC.
Launch KVM & Configure the FMC
To configure access to your FMC, go to Launch KVM.
If you see the cursor blinking on the top left corner, you just have to wait a while. Go do something else and come back. It takes a while to get a prompt for login credentials.
Once you get a username and password prompt, enter the following FMC default credentials:
- Username: admin
- Password: Admin123
Hit enter to display the EULA. As the EULA displays on the screen, read the EULA, and if you agree, accept the EULA by typing YES.
Change the admin password.
And then answer the following questions to apply the initial settings to the FMC:
- Enter a hostname or fully qualified domain name for this system. Answer with your hostname. I used scada-fmc-02 in this case.
- Configure IPv4 via DHCP or manually? Answer manual to configure a static IP address to the FMC, which is different than the CIMC.
- Enter an IPv4 address for the management interface. I used 192.168.100.79, but you should use the IP address assigned to your FMC.
- Enter an IPv4 netmask for the management interface. Enter the subnet mask corresponding to the IP address assigned. In my case, the mask was 255.255.255.0.
- Enter the IPv4 default gateway for the management interface. Answer with the default gateway that corresponds to the IP subnet where the FMC will be sitting on. I used 192.168.100.1.
- Enter a comma-separated list of DNS servers or ‘none’. The default DNS servers given are Cisco’s Umbrella DNS Servers. You need to enter the list of DNS servers that you want the FMC to use.
- Enter a comma-separated list of NTP server. Enter the IP address of the NTP servers that you use on your network.
If all the setting are correct, answer y and hit enter.
HTTPS into the FMC
On your browser, https into the IP address assigned to the FMC. In this case, it is 192.168.100.79. To login, use username admin and the password assigned on the section above.
Once you login, you’ll be presented with the Cisco Smart Licensing window. You can enter your token generated on the Cisco Smart Account dashboard.
Or, you can select to Start a 90-day evaluation period until you sort out your licensing.
And that’s it folks! You’re in the FMC now. Your FMC’s initial setup has been successful.
I hope this post helped. If you have any questions, please let me know in the comments.
Getting CCNA or CCNP Certified?
Self-paced Books. On-demand Courses. Practice Tests.
Sign up for a 10-day free trial with unlimited access!
Very well written and such an important piece when you are setting up the FMC from scratch using the CIMC. I have always been using the virtual edition and the Cisco ASA firepower integration. My company is gradually moving towards FortiGate firewalls now but that was a very nice writeup
Thank you, Ben!