Connect NGFW Engines to the SMC
Save the initial configuration to enable the NGFW Engines to connect to the SMC.
Saving an initial configuration allows you to establish a management connection for NGFW Engines for the first time. If you are installing a new NGFW Engine or want to replace a previous working configuration, you can save relevant parts of the configuration on a USB drive and import it during the NGFW Engine installation.
Saving an initial configuration also allows you to reconnect previously configured NGFW Engines that have lost the connection. This might be because of a missing or expired certificate or because the internal certificate authority that signs the NGFW Engine certificates has been renewed and the NGFW Engines have not yet received a new certificate signed by the new internal certificate authority.
When you save the initial configuration, a one-time password is created. This password is required if you use the NGFW Configuration Wizard to configure NGFW Engines.
By default, one-time passwords expire after 30 days if they are not used. You can optionally configure the expiration time in the Global System Properties dialog box.
The one-time password that is created is specific to each NGFW Engine. Keep track of the passwords. If you mix them up or lose them, you can repeat the procedure and create new initial configurations.
If there is a Firewall between the NGFW Engine and the Management Server, allow the connection in the Firewall’s Access rules. If there is a NAT device between the NGFW Engine and the Management Server, also configure NAT rules for the connection.