An engineer is using the configure manager add Cisc404225383 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why is this occurring?
A.
DONOTRESOLVE must be added to the command
B.
The IP address used should be that of the Cisco FTD, not the Cisco FMC
C.
The registration key is missing from the command
D.
The NAT ID is required since the Cisco FMC is behind a NAT device
"If the FMC is behind a NAT device, enter a unique NAT ID along with the registration key, and specify DONTRESOLVE instead of the hostname, for example:
Example:
> configure manager add DONTRESOLVE regk3y78 natid90
Manager successfully configured.
If the FTD is behind a NAT device, enter a unique NAT ID along with the FMC IP address or hostname, for example:
Example:
> configure manager add 10.70.45.5 regk3y78 natid56
Manager successfully configured. "
Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/device_management_basics.html
So, according to this phrase from the cisco material, answer C seems to make more sense due to the fact that if DONTRESOLVE is missing then a NAT_ID is for sure required as well, so both of them are missing. Since we have only one option, it is more likely that the reg_key is missing, in my opinion.
The question is wrong , it should be "An engineer is using the configure manager add <FMC IP> Cisc404225383 command to add a new Cisco FTD device to the Cisco FMC; however, the device is not being added. Why is this occurring?"
Than "D " makes sense.
C is the correct answer. When registering the sensor to a Firepower Management Center, a unique
alphanumeric registration key is always required. In most cases, to register
a sensor to a Firepower Management Center, you must provide the hostname or
the IP address along with the registration key.
'configure manager add [hostname | ip address ] [registration key ]'
I pick C. How do you know Cisc404225383 is not the hostname? the question only shows 1 item listed after the manager add base command. if that is the Nat_ID then we are missing the IP or DONTRESOLVE & reg key.
Step 5 Configure the new FMC.
configure manager add {hostname | IPv4_address | IPv6_address | DONTRESOLVE } regkey [nat_id]
{hostname | IPv4_address | IPv6_address}—Sets the FMC hostname, IPv4 address, or IPv6 address.
DONTRESOLVE — If the FMC is not directly addressable, use DONTRESOLVE instead of a hostname or IP address. If you use DONTRESOLVE , then a nat_id is required. When you add this device to the FMC, make sure that you specify both the device IP address and the nat_id ; one side of the connection needs to specify an IP address, and both sides need to specify the same, unique NAT ID.
https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/device_management_basics.html
I completely agree, reg_key is required but nat_id is not.
If Cisc404225383 is the host name, then all that is missing is the reg_key.
If Cisc404225383 is the reg_key, then the hostname or IP is missing to begin with, but that is not an option.
wrong answer, apparently the registration key and NAT ID is present and what's missing is either the FMC IP address or the DONOTRESOLVE key word before registration key, so that the FTD will actually register to any FMC provides this registration key and NAT ID regardless to the FMC IP
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
artgen
5 months agoLangaMos
6 months agoKyPKyP
6 months, 1 week agoLula_pearl
8 months agoTHEODORABLE
8 months, 1 week agoureis
8 months, 2 weeks agoJoe_Blue
10 months, 2 weeks agotinyJoe
4 weeks agoDID123
11 months, 1 week agoDolby58
11 months, 2 weeks ago