Connect engines to the SMC

Save the initial configuration to enable the engines to connect to the SMC. Install a policy on the engines to complete the engine configuration.

Saving an initial configuration allows you to establish a management connection for new Firewall engines, IPS engines, Layer 2 Firewall engines, and Master NGFW Engines for the first time. If you are installing a new engine or want to replace the engine’s previous working configuration, this operation also allows you to save relevant parts of the configuration on a USB drive and import it during the engine installation.

Saving an initial configuration also allows you to reconnect previously configured engines that have lost the connection. This might be because of a missing or expired certificate or because the internal certificate authority that signs the engine certificates has been renewed and the engines have not yet received a new certificate signed by the new internal certificate authority.

Note: All communication between Virtual NGFW Engines and the SMC is proxied by the Master NGFW Engine. You cannot save an initial configuration for a Virtual NGFW Engine.

When you save the initial configuration, a one-time password is created. This password is required if you use the NGFW Initial Configuration Wizard to configure engines.