cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
524
Views
0
Helpful
9
Replies

ASA 5520 with IPS - upgrade version of IPS?

whiteford
Level 1
Level 1

Hi, I have just upgraded from a PIX to 2xASA 5520 in active/stanby mode. When I go into the IPS via the ASDM it only shows me a URL which doesn't work and mentions that I have version 1.5 and 1.6 would be integrated into the ASDM. How can I do this? I want it intergraded within the ASDM, and how do I show the exact version I am running?

Many thanks

9 Replies 9

abinjola
Cisco Employee
Cisco Employee

upgrade ASA to 8.0.x and ASDM to 6.0.x

It is. I'm running ASA 8.0(3) ASDM 6.0(3).

When I go into IPS it says:

For IPS 5.1(6)E1, use the link below to access IPS Device Manager. (If the SSM management IP address or port is translated, replace them accordingly in the below URL). IPS 6.0.1 or above will be fully integrated into ASDM.

https://10.1.1.1

Let me know what info you need.

you are hitting CSCse47360.

The work around is to open up a new web browser and actually enter the IPS Module IP or upgrade SSM Module to 6.x

Sorry I'm new to this, what is CSCse47360?

How do I find out the IP of the IPS module or upgrade to SSM? Does SSM integrate it into ASDM?

np..everybody is new at some point when they start.

So you are hitting a bug and you may view the details here

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCse47360

Now the workaround is either to access the SSM by using IDM (Intrusion Device Manager) which can be done by assigning a management IP on the management port and connecting it to the VLAN/switch from where you can access it

If you would like to access IPS from ASDM itself then you need to upgrade the SSM Module to versin 6.x

Thanks, how can I tell what version I'm using plus how can I upgrade the SSM Module to versin 6.x?

I would like to use the ASDM to control it all.

Are you talking abou the mangement port on the ASA or the IPS module?

Thanks in advance :)

There is just one port on the entire chasis that says "mgmt" which is a IPS-SSM module management port

From asa# mode type "session 1", this will take you to SSM module, from there type sh version, this would tell you IPS version you running

The following link would help you to log in and upgrade :-

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/cliguide/clilogin.htm#wp1030296

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/cliguide/cliimage.htm#

Me getting confused, I see a mgmt for the asa and this port on the ISP mod, I'll try.

Here is the output, looks out of date, what do you think:

sensor# sh version

Application Partition:

Cisco Intrusion Prevention System, Version 5.1(6)E1

Host:

Realm Keys key1.0

Signature Definition:

Signature Update S291.0 2007-06-18

Virus Update V1.2 2005-11-24

OS Version: 2.4.26-IDS-smp-bigphys

Platform: ASA-SSM-10

Serial Number: *****

No license present

Sensor up-time is 1 day.

Using 619913216 out of 1054670848 bytes of available memory (58% usage)

system is using 17.4M out of 29.0M bytes of available disk space (60% usage)

application-data is using 45.9M out of 166.8M bytes of available disk space (29%

usage)

boot is using 35.3M out of 68.6M bytes of available disk space (54% usage)

MainApp Z-2007_JUN_19_12_49 (Release) 2007-06-19T13:04:08-0500 Ru

nning

AnalysisEngine Z-2007_JUN_19_12_49 (Release) 2007-06-19T13:04:08-0500 Ru

nning

CLI Z-2007_JUN_19_12_49 (Release) 2007-06-19T13:04:08-0500

Upgrade History:

IPS-K9-5.1-6-E1 16:56:31 UTC Sun Feb 17 2008

Recovery Partition Version 1.1 - 5.1(6)E1

sensor#

yes you are running version 5.1(6), so as I said earlier in case you need to manage SSM from ASDM you need to upgrade this to 6.0.x

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: