05-27-2012 11:08 PM - edited 03-10-2019 05:41 AM
Hi,
I have an ASA 5540 F/W and a ASA 5520 IPS with AIP-SSM 20.
Rite now ASA 5540 is conected with the internet Router on the outside interface , there is an inside zone and a DMZ zone as well.
My Question is where shud i put IPS?
1_ Between the internet router and the ASA 5540
2_ or in the inside zone ?
If i were to put it in between the outside zone i.e between ASA 5540 Outside and the internet router then do i require separate WAN ips for the inside and outside of IPS ?? currently as required ASA 5540 outside has been configured a WAN ip
Please help
05-27-2012 11:12 PM
It depends on your requirement. However configuration should be like "Internet Router <--> ASA 5540 <--> IPS"
Regards,
Sawan Gupta
05-28-2012 12:25 AM
Thanks for the reply ..
so if i were to put it as Internet Router -- ASA 5540 --ASA 5520 (IPS) then shud IPS be put in the DMZ zone ??or the Inside zone ..i guess it shud b in the DMZ zone ...in that case it will be assigned a LAN ip on both interfaces.?
05-30-2012 10:37 PM
anybdy ??
06-01-2012 09:50 AM
I am not sure I understand your requirement for the second ASA. You could just install the SSM-20 into the 5540 and choose to inspect traffic either globally (all interfaces) or on a subset of interfaces.
04-01-2013 04:45 AM
hi please i want to ask a question about the ASA IPS Password
i lost my ASA IPS PASSWORD what to do?
04-01-2013 09:19 AM
Try this command from the ASA's CLI.
"hw-module module 1 password-reset"
04-14-2013 01:39 AM
thanks for your reply
but what about the existing configuration or this command will not effect the configuration
04-14-2013 10:54 PM
if IPS is to be installed along with a separate ASA then what shud be the architecture
i have 2 ASA 5540 configured as Cluster and a Separate ASA IPS 5520
where shud i put the ASA 5520 ???
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: