06-18-2010 12:04 PM - edited 03-11-2019 11:01 AM
Hello,
Will the configs will replicate to the AIP-SSM 20 from primary ASA to Secondary ASA with AIP-SSM20, OR failover only replicates the ASA configs.
If so it is only replicating the ASA configs then what we shld do to replicate configs from primary AIP-SSM20 to Secondary AIP-SSM20,????
Is there any method or manual copy/paste from 1 AIP-SSM20 to another.
Thanks,
Solved! Go to Solution.
06-19-2010 01:17 AM
The AIP module interface needs to be connected to a port on the switch. The port on the switch has to be on the same vlan, to which the
ip address/subnet you assigned to the AIP module belongs to.
You use IDM or IEV to connect to the AIP via the ip address you assigned to the AIP, and it's path is through the port on the AIP module (not the ASA)
Regards,
06-18-2010 01:06 PM
Failover only replicates ASA configs and conn states.
Unfortunately, the AIPs do not replicate configs.
I hope it helps.
PK
06-18-2010 01:17 PM
Hello Dear,
Thanks for ur reply for above query,another question:
Is it so i have to connect the AIP management0/0 port to core switch OR without connecting also i can telnet to IPS i hope traffic will travel by ASA, ?????
Message was edited by: thomasandy32
06-18-2010 01:55 PM
The management interface of the AIP is for management and upgrades.
You can configure it from the ASA by doing "session 1" on the ASA CLI.
PK
06-19-2010 01:06 AM
Hello,
Do the management interface on AIP-SSM 20 should be connected to core switch,because the IP what i specify is not reacheable from inside network, if i dont conenct a cable to core switch,
1) I used the inside interface subnet for the AIP-SSM management0/0 and allowed the subnet in access-list without connecting a cable to core it is not reacheable.
06-19-2010 01:17 AM
The AIP module interface needs to be connected to a port on the switch. The port on the switch has to be on the same vlan, to which the
ip address/subnet you assigned to the AIP module belongs to.
You use IDM or IEV to connect to the AIP via the ip address you assigned to the AIP, and it's path is through the port on the AIP module (not the ASA)
Regards,
06-19-2010 01:17 AM
For management to the AIP module, the management interface on the AIP module itself needs to be connected to your network (core switch) and configured in the correct VLAN, and the AIP module needs to be configured with an ip address in that VLAN which is accessible from your internal network.
Hope that helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide