[EVE-NG] ASA - FTD 기본 설정 및 Timezone (Using FMC)

보안

by 검은체리 2020. 1. 6. 16:20

- Eve-ng 네트워크 설정은 Bridge로 내 PC IP와 같은 네트워크. (192.168.2.0/24)

- FMC : 192.168.2.130 (VM에 설치필요, 아래링크 참조)

Cisco ASA FirePOWER Services: how to install FMC? - Grandmetric

How to install FMC virtual appliance? Firepower Management Center installation steps. FMC 5.X, 6.X,SFR module 5.X,6.X,Cisco ASA,Firepower Management Center

www.grandmetric.com

1. (사전작업) FirePower에 접속하여 FMC에 연결할 수 있도록 설정.

- FMC Host IP 및 Registration Key 설정, 상태 확인

root@eve-ng:~# ssh -l admin 192.168.2.21
Password:
Last login: Mon Jan 6 03:59:45 UTC 2020 on tty0

Copyright 2004-2019, Cisco and/or its affiliates.
All rights reserved.
Cisco is a registered trademark of Cisco Systems, Inc.
All other trademarks are property of their respective owners.

Cisco Fire Linux OS v6.4.0 (build 2)
Cisco Firepower Threat Defense for KVM v6.4.0 (build 102)
>

2. FMC (192.168.2.130) WEB 접속

2. License 등록

- System -> Licenses -> Smart Licenses (평가판 90일 제한적 사용가능)

3. 장비 등록

- Devices -> Device Management -> Add

4. FirePower에서 확인

5. 인터페이스 설정

- Devices -> Device Management -> FTD-1에서 Edit (연필 아이콘)

- Interfaces -> Outside, inside, dmz IP 설정 -> Save

6. 라우팅 설정

- Routing -> Static Routing

- Save

7. DHCP

- Devices -> DHCP Server -> Add

- Save -> Deploy

8. Deploy

9. Object 설정

- Objects -> Object Management -> Network -> Add Network

- Deploy

✔ FTD 시간 (Timezone) 설정

> expert
**************************************************************
NOTICE - Shell access will be deprecated in future releases
         and will be replaced with a separate expert mode CLI.
**************************************************************
admin@FirePower21:~$
admin@FirePower21:~$ cd /etc/sysconfig
admin@FirePower21:/etc/sysconfig$ date
Wed Jan  8 03:10:17 UTC 2020
!
admin@FirePower21:~$ sudo ln -sf /usr/share/zoneinfo/Asia/Bangkok /etc/localtime

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:
admin@FirePower21:/etc/sysconfig$ date
Wed Jan  8 10:11:32 ICT 2020

(Timezome 관련해 Bug가 많다고 함, FMC 적용 안되는 듯)

'보안' 카테고리의 다른 글

[EVE-NG] ASA - Site to Site VPN between FTD (Using FMC) (0)	2020.01.08
[EVE-NG] ASA - Site to Site VPN between ASA and FTD (Using FMC) (0)	2020.01.08
[EVE-NG] ASA - Site to Site VPN between ASA and FTD (Using FDM) (1)	2020.01.06
[EVE-NG] ASA - Site to Site VPN between ASA (1부) (0)	2019.12.24
[EVE-NG] ASA - inside to outside (0)	2019.07.25