09-10-2008 12:57 AM - edited 03-10-2019 04:17 AM
Hi all. How do i implement ips on my asa5510? I can't seem to be able to find any website on this. Can i know if any of you find that the ips is effective? I am using asa ver7.2 and asdm5.2. Pls advise. Thks in advance.
09-10-2008 04:44 AM
09-10-2008 05:19 AM
As for the SSM interfaces there are 2 interfaces.
One is the internal interface on the ASA backplane used Only for monitoring (both promiscuous and inline).
The second interface is the external interface of the SSM itself that is used for management of the SSM. This external interface is what will be assigned an IP as part of the setup command on the SSM. It should be physically connected to one of the networks. It can plugged into the same switch/hub where the ASA's inside, dmz, or management interface is connected. It can then be treated as just another machine on that network.
I have listed the steps below for the initial installation along with the links:
Step 1. To Initialize the SSM you need to :
1. Login via the console/telnet/ssh to the ASA.
2. Enter the command "session 1" to log into the SSM (IPS module).default username and password = cisco
3. On the SSM, use the "setup" command to configure the SSM for management access.
This will involve, among other things, configuring the IP address which should be a valid address for your network.
You'll also be prompted to limit the range of IP addresses that can access the SSM directly for management using an access-list permit.
These steps are documented at the following link:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/hwguide/hwinit.htm#wp1032621
4. Connect the Ethernet port on the SSM module to your management network. This will allow you to log into the SSM directly using the IP address configured above. You can then use the ASDM web based GUI to
configure and manage the SSM directly.
For more information on using ASDM see:
Step 2: Configure the ASA to pass traffic to the SSM:
This step is covered here:
http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/config/ids.htm#wp1050693
Please rate if the above post is helpful.
Regards,
Sushil
09-10-2008 11:20 PM
Hi Sushil,
Thk you for the detailed response. Is this ssm module an additional hardware module that i need to add to my cisco5510? Or is it included by default?
09-11-2008 04:46 AM
AIP-SSM (ips) module is an additional module which you need to purchase.It is not included by default in asa5510.You can issue " sh module " command to see if there is one already installed on your asa.
Regards,
Sushil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide