Unanswered Question
Nov 4th, 2009
User Badges:

I have an ASA 5520, and I have Cisco ASA SSM-10, but I'm not sure how to work with it. My problems are here:

1. What software do I need to get this to work

2. From the rj45 connection on this module, where does it connects to.

3. Give me some guide to configure it and test to see if it works.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
puseth Sun, 11/08/2009 - 17:25
User Badges:


you need to do couple of things to get this to work.

1. Configuration on ASA to forward the traffic to the module

2. Chose whether you are going to plug the IPS in inline/promiscious mode

3. Configure the IPS module

Configuring ASA to forward the traffic to the module:-

access-l IPS permit ip any any


match access-list IPS

policy-map global-policy

class IPS

IPS inline/promiscious fail-open/fail-close

When you do this ASa is configured to send the traffic to the module.

Now you need to get in to the IPS

you can get in to the through CLI on ASA:-

do session 1

it will ask you for username and password

both are cisco by default

run the command setup

and it will walk you through the initial configuration of the sensor.

once the sensor is configured

log in to the IDM

and need to go to configuration>> policies and assign vs0 to the backplane interface of the module so that sigs come in to the act of the traffic.

you can connect the module in front of the IPS to the switch vlan where the other interface exist from where you want to see this traffic and want ips to come into act.

Suppose you want to apply the IPS on inside network

ASA inside interface ip:-

Module ip:-

Here the gateway for the module is the ASA inside interface.

now all the traffic going outbound or coming in from the inside itnerface will be monitored by the IPS.

now connect the ethernet interface of the module to the same vlan on switch where your inside interface is connected.

Now you can even manage the IDM of the IPS just like you manage the ASDM for the ASA, you just need to have your host/network allowed to gain access to it.


alexdelangel Mon, 10/06/2014 - 11:21
User Badges:

Hello friend´s,

Please, allow me to resurect this old post. Now I clearly understand how to install and setup the IPS SSM module, would you share with me a User Guide, then I will be able to manage the IPS and to tune that.



This Discussion